| 177 | #[ignore] |
| 178 | #[test] |
| 179 | fn zeroize_c_string() { |
| 180 | let mut cstring = CString::new("Hello, world!").expect("CString::new failed"); |
| 181 | let orig_len = cstring.as_bytes().len(); |
| 182 | let orig_ptr = cstring.as_bytes().as_ptr(); |
| 183 | cstring.zeroize(); |
| 184 | // This doesn't quite test that the original memory has been cleared, but only that |
| 185 | // cstring now owns an empty buffer |
| 186 | assert!(cstring.as_bytes().is_empty()); |
| 187 | for i in 0..orig_len { |
| 188 | unsafe { |
| 189 | // Using a simple deref, only one iteration of the loop is performed |
| 190 | // presumably because after zeroize, the internal buffer has a length of one/ |
| 191 | // `read_volatile` seems to "fix" this |
| 192 | // Note that this is very likely UB |
| 193 | assert_eq!(orig_ptr.add(i).read_volatile(), 0); |
| 194 | } |
| 195 | } |
| 196 | } |
| 197 | |
| 198 | #[cfg(feature = "alloc")] |
| 199 | #[test] |