From 459d2cfe359ca855a1d4b46cd9aa768db12084e9 Mon Sep 17 00:00:00 2001 From: asdf Date: Sat, 5 Jan 2013 05:52:37 -0500 Subject: [PATCH 1/3] adding bound checks for raw::memcpy and memmove --- src/libcore/vec.rs | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/libcore/vec.rs b/src/libcore/vec.rs index cdd8db6c543b7..758c35cc14bba 100644 --- a/src/libcore/vec.rs +++ b/src/libcore/vec.rs @@ -1960,6 +1960,9 @@ pub mod raw { * may overlap. */ pub unsafe fn memcpy(dst: &[mut T], src: &[const T], count: uint) { + assert dst.len() >= count; + assert src.len() >= count; + do as_mut_buf(dst) |p_dst, _len_dst| { do as_const_buf(src) |p_src, _len_src| { ptr::memcpy(p_dst, p_src, count) @@ -1974,6 +1977,9 @@ pub mod raw { * may overlap. */ pub unsafe fn memmove(dst: &[mut T], src: &[const T], count: uint) { + assert dst.len() >= count; + assert src.len() >= count; + do as_mut_buf(dst) |p_dst, _len_dst| { do as_const_buf(src) |p_src, _len_src| { ptr::memmove(p_dst, p_src, count) @@ -3730,6 +3736,15 @@ mod tests { fail } } + + #[test] + #[should_fail] + fn test_memcpy_oob() unsafe { + let a = [mut 1, 2, 3, 4]; + let b = [1, 2, 3, 4, 5]; + raw::memcpy(a, b, 5); + } + } // Local Variables: From 89000f045ff20de2d758fe6a454e6f25574f1503 Mon Sep 17 00:00:00 2001 From: asdf Date: Sat, 5 Jan 2013 05:52:37 -0500 Subject: [PATCH 2/3] adding bound checks for raw::memcpy and memmove --- src/libcore/vec.rs | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/libcore/vec.rs b/src/libcore/vec.rs index cdd8db6c543b7..758c35cc14bba 100644 --- a/src/libcore/vec.rs +++ b/src/libcore/vec.rs @@ -1960,6 +1960,9 @@ pub mod raw { * may overlap. */ pub unsafe fn memcpy(dst: &[mut T], src: &[const T], count: uint) { + assert dst.len() >= count; + assert src.len() >= count; + do as_mut_buf(dst) |p_dst, _len_dst| { do as_const_buf(src) |p_src, _len_src| { ptr::memcpy(p_dst, p_src, count) 
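Review bot: The comment above `raw::memcpy` (its last line, "may overlap.", is the hunk's first context line) does not mention the failure the two new asserts introduce, and it disagrees with `bytes::memcpy` in PATCH 3/3, whose comment reads "may not overlap" for the same copy. I would add a line such as `* Fails if count exceeds dst.len() or src.len().` to both `raw::memcpy` and `raw::memmove` (second hunk; PATCH 2/3 repeats both hunks unchanged). If `ptr::memcpy` has the usual non-overlap requirement, the `raw::memcpy` comment should also read "may not overlap", since the length asserts do nothing about aliasing between `dst` and `src`. The start of each comment is outside the hunk, so part of this may already be stated there.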
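Review bot: `test_memcpy_oob` in the `mod tests` hunk exercises only the `dst` assert, because `b` has five elements and `count` is 5; the `src.len() >= count` check and both `raw::memmove` asserts are left untested. Since `#[should_fail]` passes on any failure, each case should make exactly one side too short so it is clear which assert is expected to fire. Two further cases in the same style would cover the gap (the identical hunk in PATCH 2/3 has the same omission).

```rust
// … unchanged: test_memcpy_oob (dst too short) …

#[test]
#[should_fail]
fn test_memcpy_src_oob() unsafe {
    // dst is long enough, so only the `src.len() >= count` assert can fire.
    let a = [mut 1, 2, 3, 4, 5];
    let b = [1, 2, 3, 4];
    raw::memcpy(a, b, 5);
}

#[test]
#[should_fail]
fn test_memmove_oob() unsafe {
    // Same shape as test_memcpy_oob: dst is one element short.
    let a = [mut 1, 2, 3, 4];
    let b = [1, 2, 3, 4, 5];
    raw::memmove(a, b, 5);
}
```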
@@ -1974,6 +1977,9 @@ pub mod raw { * may overlap. */ pub unsafe fn memmove(dst: &[mut T], src: &[const T], count: uint) { + assert dst.len() >= count; + assert src.len() >= count; + do as_mut_buf(dst) |p_dst, _len_dst| { do as_const_buf(src) |p_src, _len_src| { ptr::memmove(p_dst, p_src, count) @@ -3730,6 +3736,15 @@ mod tests { fail } } + + #[test] + #[should_fail] + fn test_memcpy_oob() unsafe { + let a = [mut 1, 2, 3, 4]; + let b = [1, 2, 3, 4, 5]; + raw::memcpy(a, b, 5); + } + } // Local Variables: From f5c90966ad6e51f3d53fd5b879418315f47e1b7a Mon Sep 17 00:00:00 2001 From: asdf Date: Tue, 8 Jan 2013 02:07:50 -0500 Subject: [PATCH 3/3] removing checks from vec::bytes::memcpy and memmove as are duplicated from raw:: --- src/libcore/vec.rs | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/libcore/vec.rs b/src/libcore/vec.rs index 758c35cc14bba..a128b45c35026 100644 --- a/src/libcore/vec.rs +++ b/src/libcore/vec.rs @@ -2041,9 +2041,7 @@ pub mod bytes { * may not overlap. */ pub fn memcpy(dst: &[mut u8], src: &[const u8], count: uint) { - assert dst.len() >= count; - assert src.len() >= count; - + // Bound checks are done at vec::raw::memcpy. unsafe { vec::raw::memcpy(dst, src, count) } } @@ -2054,9 +2052,7 @@ pub mod bytes { * may overlap. */ pub fn memmove(dst: &[mut u8], src: &[const u8], count: uint) { - assert dst.len() >= count; - assert src.len() >= count; - + // Bound checks are done at vec::raw::memmove. unsafe { vec::raw::memmove(dst, src, count) } } }
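Review bot: Dropping the asserts from the safe `bytes::memcpy` makes its memory safety rest entirely on checks that live inside an `unsafe fn` in another module, and the same applies to `bytes::memmove` in the next hunk. An `unsafe fn` normally leaves its preconditions to the caller, so a later cleanup that removes the `raw::` asserts as redundant would turn these safe wrappers into unchecked copies without any change at this site. Either keep the two asserts here (the duplicate comparison is cheap next to the copy) or strengthen the comment to something like `// Safety of this fn depends on the bounds asserts in vec::raw::memcpy; do not remove them there.` and put a matching note beside the asserts in `raw::`.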