1 use crate::io::AsyncRead;
2
3 use std::future::Future;
4 use std::io;
5 use std::mem::{self, MaybeUninit};
6 use std::pin::Pin;
7 use std::task::{Context, Poll};
8
9 #[derive(Debug)]
10 #[must_use = "futures do nothing unless you `.await` or poll them"]
11 #[cfg_attr(docsrs, doc(cfg(feature = "io-util")))]
12 pub struct ReadToEnd<'a, R: ?Sized> {
13 reader: &'a mut R,
14 buf: &'a mut Vec<u8>,
15 /// The number of bytes appended to buf. This can be less than buf.len() if
16 /// the buffer was not empty when the operation was started.
17 read: usize,
18 }
19
read_to_end<'a, R>(reader: &'a mut R, buffer: &'a mut Vec<u8>) -> ReadToEnd<'a, R> where R: AsyncRead + Unpin + ?Sized,20 pub(crate) fn read_to_end<'a, R>(reader: &'a mut R, buffer: &'a mut Vec<u8>) -> ReadToEnd<'a, R>
21 where
22 R: AsyncRead + Unpin + ?Sized,
23 {
24 prepare_buffer(buffer, reader);
25 ReadToEnd {
26 reader,
27 buf: buffer,
28 read: 0,
29 }
30 }
31
32 /// # Safety
33 ///
34 /// Before first calling this method, the unused capacity must have been
35 /// prepared for use with the provided AsyncRead. This can be done using the
36 /// `prepare_buffer` function later in this file.
read_to_end_internal<R: AsyncRead + ?Sized>( buf: &mut Vec<u8>, mut reader: Pin<&mut R>, num_read: &mut usize, cx: &mut Context<'_>, ) -> Poll<io::Result<usize>>37 pub(super) unsafe fn read_to_end_internal<R: AsyncRead + ?Sized>(
38 buf: &mut Vec<u8>,
39 mut reader: Pin<&mut R>,
40 num_read: &mut usize,
41 cx: &mut Context<'_>,
42 ) -> Poll<io::Result<usize>> {
43 loop {
44 // safety: The caller promised to prepare the buffer.
45 let ret = ready!(poll_read_to_end(buf, reader.as_mut(), cx));
46 match ret {
47 Err(err) => return Poll::Ready(Err(err)),
48 Ok(0) => return Poll::Ready(Ok(mem::replace(num_read, 0))),
49 Ok(num) => {
50 *num_read += num;
51 }
52 }
53 }
54 }
55
56 /// Tries to read from the provided AsyncRead.
57 ///
58 /// The length of the buffer is increased by the number of bytes read.
59 ///
60 /// # Safety
61 ///
62 /// The caller ensures that the buffer has been prepared for use with the
63 /// AsyncRead before calling this function. This can be done using the
64 /// `prepare_buffer` function later in this file.
poll_read_to_end<R: AsyncRead + ?Sized>( buf: &mut Vec<u8>, read: Pin<&mut R>, cx: &mut Context<'_>, ) -> Poll<io::Result<usize>>65 unsafe fn poll_read_to_end<R: AsyncRead + ?Sized>(
66 buf: &mut Vec<u8>,
67 read: Pin<&mut R>,
68 cx: &mut Context<'_>,
69 ) -> Poll<io::Result<usize>> {
70 // This uses an adaptive system to extend the vector when it fills. We want to
71 // avoid paying to allocate and zero a huge chunk of memory if the reader only
72 // has 4 bytes while still making large reads if the reader does have a ton
73 // of data to return. Simply tacking on an extra DEFAULT_BUF_SIZE space every
74 // time is 4,500 times (!) slower than this if the reader has a very small
75 // amount of data to return.
76 reserve(buf, &*read, 32);
77
78 let unused_capacity: &mut [MaybeUninit<u8>] = get_unused_capacity(buf);
79
80 // safety: The buffer has been prepared for use with the AsyncRead before
81 // calling this function.
82 let slice: &mut [u8] = &mut *(unused_capacity as *mut [MaybeUninit<u8>] as *mut [u8]);
83
84 let res = ready!(read.poll_read(cx, slice));
85 if let Ok(num) = res {
86 // safety: There are two situations:
87 //
88 // 1. The AsyncRead has not overriden `prepare_uninitialized_buffer`.
89 //
90 // In this situation, the default implementation of that method will have
91 // zeroed the unused capacity. This means that setting the length will
92 // never expose uninitialized memory in the vector.
93 //
94 // Note that the assert! below ensures that we don't set the length to
95 // something larger than the capacity, which malicious implementors might
96 // try to have us do.
97 //
98 // 2. The AsyncRead has overriden `prepare_uninitialized_buffer`.
99 //
100 // In this case, the safety of the `set_len` call below relies on this
101 // guarantee from the documentation on `prepare_uninitialized_buffer`:
102 //
103 // > This function isn't actually unsafe to call but unsafe to implement.
104 // > The implementer must ensure that either the whole buf has been zeroed
105 // > or poll_read() overwrites the buffer without reading it and returns
106 // > correct value.
107 //
108 // Note that `prepare_uninitialized_buffer` is unsafe to implement, so this
109 // is a guarantee we can rely on in unsafe code.
110 //
111 // The assert!() is technically only necessary in the first case.
112 let new_len = buf.len() + num;
113 assert!(new_len <= buf.capacity());
114
115 buf.set_len(new_len);
116 }
117 Poll::Ready(res)
118 }
119
120 /// This function prepares the unused capacity for use with the provided AsyncRead.
prepare_buffer<R: AsyncRead + ?Sized>(buf: &mut Vec<u8>, read: &R)121 pub(super) fn prepare_buffer<R: AsyncRead + ?Sized>(buf: &mut Vec<u8>, read: &R) {
122 let buffer = get_unused_capacity(buf);
123
124 // safety: This function is only unsafe to implement.
125 unsafe {
126 read.prepare_uninitialized_buffer(buffer);
127 }
128 }
129
130 /// Allocates more memory and ensures that the unused capacity is prepared for use
131 /// with the `AsyncRead`.
reserve<R: AsyncRead + ?Sized>(buf: &mut Vec<u8>, read: &R, bytes: usize)132 fn reserve<R: AsyncRead + ?Sized>(buf: &mut Vec<u8>, read: &R, bytes: usize) {
133 if buf.capacity() - buf.len() >= bytes {
134 return;
135 }
136 buf.reserve(bytes);
137 // The call above has reallocated the buffer, so we must reinitialize the entire
138 // unused capacity, even if we already initialized some of it before the resize.
139 prepare_buffer(buf, read);
140 }
141
142 /// Returns the unused capacity of the provided vector.
get_unused_capacity(buf: &mut Vec<u8>) -> &mut [MaybeUninit<u8>]143 fn get_unused_capacity(buf: &mut Vec<u8>) -> &mut [MaybeUninit<u8>] {
144 bytes::BufMut::bytes_mut(buf)
145 }
146
147 impl<A> Future for ReadToEnd<'_, A>
148 where
149 A: AsyncRead + ?Sized + Unpin,
150 {
151 type Output = io::Result<usize>;
152
poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output>153 fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
154 let Self { reader, buf, read } = &mut *self;
155
156 // safety: The constructor of ReadToEnd calls `prepare_buffer`
157 unsafe { read_to_end_internal(buf, Pin::new(*reader), read, cx) }
158 }
159 }
160
161 #[cfg(test)]
162 mod tests {
163 use super::*;
164
165 #[test]
assert_unpin()166 fn assert_unpin() {
167 use std::marker::PhantomPinned;
168 crate::is_unpin::<ReadToEnd<'_, PhantomPinned>>();
169 }
170 }
171