Skip to content

Use CStr::from_bytes_until_nul for safer string conversion#437

Open
simonrw wants to merge 1 commit intomainfrom
fix/buf-to-string-null-handling
Open

Use CStr::from_bytes_until_nul for safer string conversion#437
simonrw wants to merge 1 commit intomainfrom
fix/buf-to-string-null-handling

Conversation

@simonrw
Copy link
Owner

@simonrw simonrw commented Feb 10, 2026

Summary

  • buf_to_string used CStr::from_ptr which scans for a null terminator without any bounds check — if the buffer is not null-terminated it reads past the end
  • Replaced with CStr::from_bytes_until_nul which is bounded by the buffer length and returns an error if no null terminator is found

Test plan

  • All existing tests pass

🤖 Generated with Claude Code

@simonrw @claude
Use CStr::from_bytes_until_nul for safer null-terminator handling
a36aa2a 
buf_to_string previously used CStr::from_ptr which scans past the
buffer if it is not null-terminated. Switch to CStr::from_bytes_until_nul
which is bounded by the buffer length and returns an error if no null
terminator is found.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@coderabbitai
Copy link

coderabbitai bot commented Feb 10, 2026

Warning

Rate limit exceeded

@simonrw has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 27 minutes and 49 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch fix/buf-to-string-null-handling

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@codecov-commenter
Copy link

codecov-commenter commented Feb 10, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.5%. Comparing base (83b76a5) to head (a36aa2a).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files
Files with missing lines Coverage Δ
fitsio/src/stringutils.rs 95.5% <100.0%> (+0.2%) ⬆️

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@simonrw @codecov-commenter