1 use crate::io::AsyncRead; 2 3 use std::future::Future; 4 use std::io; 5 use std::mem::{self, MaybeUninit}; 6 use std::pin::Pin; 7 use std::task::{Context, Poll}; 8 9 #[derive(Debug)] 10 #[must_use = "futures do nothing unless you `.await` or poll them"] 11 #[cfg_attr(docsrs, doc(cfg(feature = "io-util")))] 12 pub struct ReadToEnd<'a, R: ?Sized> { 13 reader: &'a mut R, 14 buf: &'a mut Vec<u8>, 15 /// The number of bytes appended to buf. This can be less than buf.len() if 16 /// the buffer was not empty when the operation was started. 17 read: usize, 18 } 19 20 pub(crate) fn read_to_end<'a, R>(reader: &'a mut R, buffer: &'a mut Vec<u8>) -> ReadToEnd<'a, R> 21 where 22 R: AsyncRead + Unpin + ?Sized, 23 { 24 prepare_buffer(buffer, reader); 25 ReadToEnd { 26 reader, 27 buf: buffer, 28 read: 0, 29 } 30 } 31 32 /// # Safety 33 /// 34 /// Before first calling this method, the unused capacity must have been 35 /// prepared for use with the provided AsyncRead. This can be done using the 36 /// `prepare_buffer` function later in this file. 37 pub(super) unsafe fn read_to_end_internal<R: AsyncRead + ?Sized>( 38 buf: &mut Vec<u8>, 39 mut reader: Pin<&mut R>, 40 num_read: &mut usize, 41 cx: &mut Context<'_>, 42 ) -> Poll<io::Result<usize>> { 43 loop { 44 // safety: The caller promised to prepare the buffer. 45 let ret = ready!(poll_read_to_end(buf, reader.as_mut(), cx)); 46 match ret { 47 Err(err) => return Poll::Ready(Err(err)), 48 Ok(0) => return Poll::Ready(Ok(mem::replace(num_read, 0))), 49 Ok(num) => { 50 *num_read += num; 51 } 52 } 53 } 54 } 55 56 /// Tries to read from the provided AsyncRead. 57 /// 58 /// The length of the buffer is increased by the number of bytes read. 59 /// 60 /// # Safety 61 /// 62 /// The caller ensures that the buffer has been prepared for use with the 63 /// AsyncRead before calling this function. This can be done using the 64 /// `prepare_buffer` function later in this file. 65 unsafe fn poll_read_to_end<R: AsyncRead + ?Sized>( 66 buf: &mut Vec<u8>, 67 read: Pin<&mut R>, 68 cx: &mut Context<'_>, 69 ) -> Poll<io::Result<usize>> { 70 // This uses an adaptive system to extend the vector when it fills. We want to 71 // avoid paying to allocate and zero a huge chunk of memory if the reader only 72 // has 4 bytes while still making large reads if the reader does have a ton 73 // of data to return. Simply tacking on an extra DEFAULT_BUF_SIZE space every 74 // time is 4,500 times (!) slower than this if the reader has a very small 75 // amount of data to return. 76 reserve(buf, &*read, 32); 77 78 let unused_capacity: &mut [MaybeUninit<u8>] = get_unused_capacity(buf); 79 80 // safety: The buffer has been prepared for use with the AsyncRead before 81 // calling this function. 82 let slice: &mut [u8] = &mut *(unused_capacity as *mut [MaybeUninit<u8>] as *mut [u8]); 83 84 let res = ready!(read.poll_read(cx, slice)); 85 if let Ok(num) = res { 86 // safety: There are two situations: 87 // 88 // 1. The AsyncRead has not overriden `prepare_uninitialized_buffer`. 89 // 90 // In this situation, the default implementation of that method will have 91 // zeroed the unused capacity. This means that setting the length will 92 // never expose uninitialized memory in the vector. 93 // 94 // Note that the assert! below ensures that we don't set the length to 95 // something larger than the capacity, which malicious implementors might 96 // try to have us do. 97 // 98 // 2. The AsyncRead has overriden `prepare_uninitialized_buffer`. 99 // 100 // In this case, the safety of the `set_len` call below relies on this 101 // guarantee from the documentation on `prepare_uninitialized_buffer`: 102 // 103 // > This function isn't actually unsafe to call but unsafe to implement. 104 // > The implementer must ensure that either the whole buf has been zeroed 105 // > or poll_read() overwrites the buffer without reading it and returns 106 // > correct value. 107 // 108 // Note that `prepare_uninitialized_buffer` is unsafe to implement, so this 109 // is a guarantee we can rely on in unsafe code. 110 // 111 // The assert!() is technically only necessary in the first case. 112 let new_len = buf.len() + num; 113 assert!(new_len <= buf.capacity()); 114 115 buf.set_len(new_len); 116 } 117 Poll::Ready(res) 118 } 119 120 /// This function prepares the unused capacity for use with the provided AsyncRead. 121 pub(super) fn prepare_buffer<R: AsyncRead + ?Sized>(buf: &mut Vec<u8>, read: &R) { 122 let buffer = get_unused_capacity(buf); 123 124 // safety: This function is only unsafe to implement. 125 unsafe { 126 read.prepare_uninitialized_buffer(buffer); 127 } 128 } 129 130 /// Allocates more memory and ensures that the unused capacity is prepared for use 131 /// with the `AsyncRead`. 132 fn reserve<R: AsyncRead + ?Sized>(buf: &mut Vec<u8>, read: &R, bytes: usize) { 133 if buf.capacity() - buf.len() >= bytes { 134 return; 135 } 136 buf.reserve(bytes); 137 // The call above has reallocated the buffer, so we must reinitialize the entire 138 // unused capacity, even if we already initialized some of it before the resize. 139 prepare_buffer(buf, read); 140 } 141 142 /// Returns the unused capacity of the provided vector. 143 fn get_unused_capacity(buf: &mut Vec<u8>) -> &mut [MaybeUninit<u8>] { 144 bytes::BufMut::bytes_mut(buf) 145 } 146 147 impl<A> Future for ReadToEnd<'_, A> 148 where 149 A: AsyncRead + ?Sized + Unpin, 150 { 151 type Output = io::Result<usize>; 152 153 fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> { 154 let Self { reader, buf, read } = &mut *self; 155 156 // safety: The constructor of ReadToEnd calls `prepare_buffer` 157 unsafe { read_to_end_internal(buf, Pin::new(*reader), read, cx) } 158 } 159 } 160 161 #[cfg(test)] 162 mod tests { 163 use super::*; 164 165 #[test] 166 fn assert_unpin() { 167 use std::marker::PhantomPinned; 168 crate::is_unpin::<ReadToEnd<'_, PhantomPinned>>(); 169 } 170 } 171