Fix unsoundness on invalid utf-8 inputs

Previously, unchecked user input bytes were passed into `str::from_utf8_unchecked`, which is unsound as it was within a safe function. It's been revised to check the user input and fail if there's invalid input.
rust-lang · Jun 7, 2021 · bb661f2 · bb661f2
1 parent 0e1ecba
commit bb661f2
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/lib.rs b/src/lib.rs
@@ -91,7 +91,10 @@ where
     let mut write_buffer = SmallVec::<[u8; BUFSIZE]>::new();
 
     // Let textwrap work its magic
-    let wrapped = fill(unsafe { str::from_utf8_unchecked(input) }, max_width);
+    let wrapped = fill(
+        str::from_utf8(input).map_err(|_| std::io::ErrorKind::InvalidData)?,
+        max_width,
+    );
 
     let lines: Vec<&str> = wrapped.lines().collect();