Skip to content

Return an owned String from cstr_arg#249

Merged
larsewi merged 1 commit into
masterfrom
cstr-arg-owned-string
Jun 27, 2026
Merged

Return an owned String from cstr_arg#249
larsewi merged 1 commit into
masterfrom
cstr-arg-owned-string

Conversation

@larsewi

@larsewi larsewi commented Jun 26, 2026

Copy link
Copy Markdown
Owner

cstr_arg returned a &str with an unbounded lifetime detached from the C pointer it borrows. It's sound today (every caller consumes the value within the FFI call), but a future edit that stashed the result past the call would compile and use freed memory. Returning an owned String removes the lifetime so the borrow checker can catch such misuse. Callers updated; behavior unchanged.

🤖 Generated with Claude Code

cstr_arg returned a &str with an unbounded lifetime detached from the C
pointer it borrowed, so a future caller that stashed the value past the
FFI call would compile but use freed memory. Return an owned String so
the borrow checker can no longer be fooled.

Signed-off-by: Lars Erik Wik <lars.erik.wik@northern.tech>

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@larsewi larsewi added bug Bug fix chore Internal change, excluded from release notes and removed bug Bug fix labels Jun 26, 2026
@larsewi larsewi marked this pull request as ready for review June 26, 2026 12:22
@larsewi larsewi merged commit fd7f2a0 into master Jun 27, 2026
7 checks passed
@larsewi larsewi deleted the cstr-arg-owned-string branch June 27, 2026 10:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

chore Internal change, excluded from release notes

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant