blob: 9272c8d0f0de79cec0c675544186f72800e8a1e9 [file] [log] [blame]
// Protocol Buffers - Google's data interchange format
// Copyright 2023 Google LLC. All rights reserved.
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file or at
// https://developers.google.com/open-source/licenses/bsd
//! Items specific to `bytes` and `string` fields.
#![allow(dead_code)]
#![allow(unused)]
use crate::__internal::Private;
use crate::__runtime::{PtrAndLen, RawMessage};
use crate::{Mut, MutProxied, MutProxy, Optional, Proxied, View, ViewProxy};
use std::borrow::Cow;
use std::cmp::{Eq, Ord, Ordering, PartialEq, PartialOrd};
use std::convert::{AsMut, AsRef};
use std::fmt;
use std::hash::{Hash, Hasher};
use std::iter;
use std::ops::{Deref, DerefMut};
use utf8::Utf8Chunks;
impl Proxied for [u8] {
type View<'msg> = &'msg [u8];
}
impl<'msg> ViewProxy<'msg> for &'msg [u8] {
type Proxied = [u8];
fn as_view(&self) -> &[u8] {
self
}
fn into_view<'shorter>(self) -> &'shorter [u8]
where
'msg: 'shorter,
{
self
}
}
/// The bytes were not valid UTF-8.
#[derive(Debug, PartialEq)]
pub struct Utf8Error(pub(crate) ());
impl From<std::str::Utf8Error> for Utf8Error {
fn from(_: std::str::Utf8Error) -> Utf8Error {
Utf8Error(())
}
}
/// A shared immutable view of a protobuf `string` field's contents.
///
/// Like a `str`, it can be cheaply accessed as bytes and
/// is dynamically sized, requiring it be accessed through a pointer.
///
/// # UTF-8 and `&str` access
///
/// Protobuf [docs] state that a `string` field contains UTF-8 encoded text.
/// However, not every runtime enforces this, and the Rust runtime is designed
/// to integrate with other runtimes with FFI, like C++.
///
/// Because of this, in order to access the contents as a `&str`, users must
/// call [`ProtoStr::to_str`] to perform a (possibly runtime-elided) UTF-8
/// validation check. However, the Rust API only allows `set()`ting a `string`
/// field with data should be valid UTF-8 like a `&str` or a
/// `&ProtoStr`. This means that this check should rarely fail, but is necessary
/// to prevent UB when interacting with C++, which has looser restrictions.
///
/// Most of the time, users should not perform direct `&str` access to the
/// contents - this type implements `Display` and comparison with `str`,
/// so it's best to avoid a UTF-8 check by working directly with `&ProtoStr`
/// or converting to `&[u8]`.
///
/// # `Display` and `ToString`
/// `ProtoStr` is ordinarily UTF-8 and so implements `Display`. If there are
/// any invalid UTF-8 sequences, they are replaced with [`U+FFFD REPLACEMENT
/// CHARACTER`]. Because anything implementing `Display` also implements
/// `ToString`, `proto_str.to_string()` is equivalent to
/// `String::from_utf8_lossy(proto_str.as_bytes()).into_owned()`.
///
/// [docs]: https://protobuf.dev/programming-guides/proto2/#scalar
/// [dst]: https://doc.rust-lang.org/reference/dynamically-sized-types.html
/// [`U+FFFD REPLACEMENT CHARACTER`]: std::char::REPLACEMENT_CHARACTER
#[repr(transparent)]
pub struct ProtoStr([u8]);
impl ProtoStr {
/// Converts `self` to a byte slice.
///
/// Note: this type does not implement `Deref`; you must call `as_bytes()`
/// or `AsRef<[u8]>` to get access to bytes.
pub fn as_bytes(&self) -> &[u8] {
&self.0
}
/// Yields a `&str` slice if `self` contains valid UTF-8.
///
/// This may perform a runtime check, dependent on runtime.
///
/// `String::from_utf8_lossy(proto_str.as_bytes())` can be used to
/// infallibly construct a string, replacing invalid UTF-8 with
/// [`U+FFFD REPLACEMENT CHARACTER`].
///
/// [`U+FFFD REPLACEMENT CHARACTER`]: std::char::REPLACEMENT_CHARACTER
// This is not `try_to_str` since `to_str` is shorter, with `CStr` as precedent.
pub fn to_str(&self) -> Result<&str, Utf8Error> {
Ok(std::str::from_utf8(&self.0)?)
}
/// Converts `self` to a string, including invalid characters.
///
/// Invalid UTF-8 sequences are replaced with
/// [`U+FFFD REPLACEMENT CHARACTER`].
///
/// Users should be prefer this to `.to_string()` provided by `Display`.
/// `.to_cow_lossy()` is the same operation, but it may avoid an
/// allocation if the string is already UTF-8.
///
/// [`U+FFFD REPLACEMENT CHARACTER`]: std::char::REPLACEMENT_CHARACTER
//
// This method is named `to_string_lossy` in `CStr`, but since `to_string`
// also exists on this type, this name was chosen to avoid confusion.
pub fn to_cow_lossy(&self) -> Cow<'_, str> {
String::from_utf8_lossy(&self.0)
}
/// Returns `true` if `self` has a length of zero bytes.
pub fn is_empty(&self) -> bool {
self.0.is_empty()
}
/// Returns the length of `self`.
///
/// Like `&str`, this is a length in bytes, not `char`s or graphemes.
pub fn len(&self) -> usize {
self.0.len()
}
/// Iterates over the `char`s in this protobuf `string`.
///
/// Invalid UTF-8 sequences are replaced with
/// [`U+FFFD REPLACEMENT CHARACTER`].
///
/// [`U+FFFD REPLACEMENT CHARACTER`]: std::char::REPLACEMENT_CHARACTER
pub fn chars(&self) -> impl Iterator<Item = char> + '_ + fmt::Debug {
Utf8Chunks::new(self.as_bytes()).flat_map(|chunk| {
let mut yield_replacement_char = !chunk.invalid().is_empty();
chunk.valid().chars().chain(iter::from_fn(move || {
// Yield a single replacement character for every
// non-empty invalid sequence.
yield_replacement_char.then(|| {
yield_replacement_char = false;
char::REPLACEMENT_CHARACTER
})
}))
})
}
/// Returns an iterator over chunks of UTF-8 data in the string.
///
/// An `Ok(&str)` is yielded for every valid UTF-8 chunk, and an
/// `Err(&[u8])` for each non-UTF-8 chunk. An `Err` will be emitted
/// multiple times in a row for contiguous invalid chunks. Each invalid
/// chunk in an `Err` has a maximum length of 3 bytes.
pub fn utf8_chunks(&self) -> impl Iterator<Item = Result<&str, &[u8]>> + '_ {
Utf8Chunks::new(self.as_bytes()).flat_map(|chunk| {
let valid = chunk.valid();
let invalid = chunk.invalid();
(!valid.is_empty())
.then_some(Ok(valid))
.into_iter()
.chain((!invalid.is_empty()).then_some(Err(invalid)))
})
}
/// Converts known-UTF-8 bytes to a `ProtoStr` without a check.
///
/// # Safety
/// `bytes` must be valid UTF-8 if the current runtime requires it.
pub unsafe fn from_utf8_unchecked(bytes: &[u8]) -> &Self {
// SAFETY:
// - `ProtoStr` is `#[repr(transparent)]` over `[u8]`, so it has the same
// layout.
// - `ProtoStr` has the same pointer metadata and element size as `[u8]`.
unsafe { &*(bytes as *const [u8] as *const Self) }
}
/// Interprets a string slice as a `&ProtoStr`.
pub fn from_str(string: &str) -> &Self {
// SAFETY: `string.as_bytes()` is valid UTF-8.
unsafe { Self::from_utf8_unchecked(string.as_bytes()) }
}
}
impl AsRef<[u8]> for ProtoStr {
fn as_ref(&self) -> &[u8] {
self.as_bytes()
}
}
impl<'msg> From<&'msg ProtoStr> for &'msg [u8] {
fn from(val: &'msg ProtoStr) -> &'msg [u8] {
val.as_bytes()
}
}
impl<'msg> From<&'msg str> for &'msg ProtoStr {
fn from(val: &'msg str) -> &'msg ProtoStr {
ProtoStr::from_str(val)
}
}
impl<'msg> TryFrom<&'msg ProtoStr> for &'msg str {
type Error = Utf8Error;
fn try_from(val: &'msg ProtoStr) -> Result<&'msg str, Utf8Error> {
val.to_str()
}
}
impl<'msg> TryFrom<&'msg [u8]> for &'msg ProtoStr {
type Error = Utf8Error;
fn try_from(val: &'msg [u8]) -> Result<&'msg ProtoStr, Utf8Error> {
Ok(ProtoStr::from_str(std::str::from_utf8(val)?))
}
}
impl fmt::Debug for ProtoStr {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
fmt::Debug::fmt(&Utf8Chunks::new(self.as_bytes()).debug(), f)
}
}
impl fmt::Display for ProtoStr {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
use std::fmt::Write as _;
for chunk in Utf8Chunks::new(self.as_bytes()) {
fmt::Display::fmt(chunk.valid(), f)?;
if !chunk.invalid().is_empty() {
// One invalid chunk is emitted per detected invalid sequence.
f.write_char(char::REPLACEMENT_CHARACTER)?;
}
}
Ok(())
}
}
impl Hash for ProtoStr {
fn hash<H: Hasher>(&self, state: &mut H) {
self.as_bytes().hash(state)
}
}
impl Eq for ProtoStr {}
impl Ord for ProtoStr {
fn cmp(&self, other: &ProtoStr) -> Ordering {
self.as_bytes().cmp(other.as_bytes())
}
}
impl Proxied for ProtoStr {
type View<'msg> = &'msg ProtoStr;
}
impl<'msg> ViewProxy<'msg> for &'msg ProtoStr {
type Proxied = ProtoStr;
fn as_view(&self) -> &ProtoStr {
self
}
fn into_view<'shorter>(self) -> &'shorter ProtoStr
where
'msg: 'shorter,
{
self
}
}
// TODO: remove after IntoProxied has been implemented for
// ProtoStr.
impl AsRef<ProtoStr> for String {
fn as_ref(&self) -> &ProtoStr {
ProtoStr::from_str(self.as_str())
}
}
// TODO: remove after IntoProxied has been implemented for
// ProtoStr.
impl AsRef<ProtoStr> for &str {
fn as_ref(&self) -> &ProtoStr {
ProtoStr::from_str(self)
}
}
// TODO: remove after IntoProxied has been implemented for
// ProtoStr.
impl AsRef<ProtoStr> for &ProtoStr {
fn as_ref(&self) -> &ProtoStr {
self
}
}
/// Implements `PartialCmp` and `PartialEq` for the `lhs` against the `rhs`
/// using `AsRef<[u8]>`.
// TODO: consider improving to not require a `<()>` if no generics are
// needed
macro_rules! impl_bytes_partial_cmp {
($(<($($generics:tt)*)> $lhs:ty => $rhs:ty),+ $(,)?) => {
$(
impl<$($generics)*> PartialEq<$rhs> for $lhs {
fn eq(&self, other: &$rhs) -> bool {
AsRef::<[u8]>::as_ref(self) == AsRef::<[u8]>::as_ref(other)
}
}
impl<$($generics)*> PartialOrd<$rhs> for $lhs {
fn partial_cmp(&self, other: &$rhs) -> Option<Ordering> {
AsRef::<[u8]>::as_ref(self).partial_cmp(AsRef::<[u8]>::as_ref(other))
}
}
)*
};
}
impl_bytes_partial_cmp!(
// `ProtoStr` against protobuf types
<()> ProtoStr => ProtoStr,
// `ProtoStr` against foreign types
<()> ProtoStr => str,
<()> str => ProtoStr,
);
#[cfg(test)]
mod tests {
use super::*;
// TODO: Add unit tests
// Shorter and safe utility function to construct `ProtoStr` from bytes for
// testing.
fn test_proto_str(bytes: &[u8]) -> &ProtoStr {
// SAFETY: The runtime that this test executes under does not elide UTF-8 checks
// inside of `ProtoStr`.
unsafe { ProtoStr::from_utf8_unchecked(bytes) }
}
// UTF-8 test cases copied from:
// https://github.com/rust-lang/rust/blob/e8ee0b7/library/core/tests/str_lossy.rs
#[test]
fn proto_str_debug() {
assert_eq!(&format!("{:?}", test_proto_str(b"Hello There")), "\"Hello There\"");
assert_eq!(
&format!(
"{:?}",
test_proto_str(b"Hello\xC0\x80 There\xE6\x83 Goodbye\xf4\x8d\x93\xaa"),
),
"\"Hello\\xC0\\x80 There\\xE6\\x83 Goodbye\\u{10d4ea}\"",
);
}
#[test]
fn proto_str_display() {
assert_eq!(&test_proto_str(b"Hello There").to_string(), "Hello There");
assert_eq!(
&test_proto_str(b"Hello\xC0\x80 There\xE6\x83 Goodbye\xf4\x8d\x93\xaa").to_string(),
"Hello�� There� Goodbye\u{10d4ea}",
);
}
#[test]
fn proto_str_to_rust_str() {
assert_eq!(test_proto_str(b"hello").to_str(), Ok("hello"));
assert_eq!(test_proto_str("ศไทย中华Việt Nam".as_bytes()).to_str(), Ok("ศไทย中华Việt Nam"));
for expect_fail in [
&b"Hello\xC2 There\xFF Goodbye"[..],
b"Hello\xC0\x80 There\xE6\x83 Goodbye",
b"\xF5foo\xF5\x80bar",
b"\xF1foo\xF1\x80bar\xF1\x80\x80baz",
b"\xF4foo\xF4\x80bar\xF4\xBFbaz",
b"\xF0\x80\x80\x80foo\xF0\x90\x80\x80bar",
b"\xED\xA0\x80foo\xED\xBF\xBFbar",
] {
assert_eq!(test_proto_str(expect_fail).to_str(), Err(Utf8Error(())), "{expect_fail:?}");
}
}
#[test]
fn proto_str_to_cow() {
assert_eq!(test_proto_str(b"hello").to_cow_lossy(), Cow::Borrowed("hello"));
assert_eq!(
test_proto_str("ศไทย中华Việt Nam".as_bytes()).to_cow_lossy(),
Cow::Borrowed("ศไทย中华Việt Nam")
);
for (bytes, lossy_str) in [
(&b"Hello\xC2 There\xFF Goodbye"[..], "Hello� There� Goodbye"),
(b"Hello\xC0\x80 There\xE6\x83 Goodbye", "Hello�� There� Goodbye"),
(b"\xF5foo\xF5\x80bar", "�foo��bar"),
(b"\xF1foo\xF1\x80bar\xF1\x80\x80baz", "�foo�bar�baz"),
(b"\xF4foo\xF4\x80bar\xF4\xBFbaz", "�foo�bar��baz"),
(b"\xF0\x80\x80\x80foo\xF0\x90\x80\x80bar", "����foo\u{10000}bar"),
(b"\xED\xA0\x80foo\xED\xBF\xBFbar", "���foo���bar"),
] {
let cow = test_proto_str(bytes).to_cow_lossy();
assert!(matches!(cow, Cow::Owned(_)));
assert_eq!(&*cow, lossy_str, "{bytes:?}");
}
}
#[test]
fn proto_str_utf8_chunks() {
macro_rules! assert_chunks {
($bytes:expr, $($chunks:expr),* $(,)?) => {
let bytes = $bytes;
let chunks: &[Result<&str, &[u8]>] = &[$($chunks),*];
let s = test_proto_str(bytes);
let mut got_chunks = s.utf8_chunks();
let mut expected_chars = chunks.iter().copied();
assert!(got_chunks.eq(expected_chars), "{bytes:?} -> {chunks:?}");
};
}
assert_chunks!(b"hello", Ok("hello"));
assert_chunks!("ศไทย中华Việt Nam".as_bytes(), Ok("ศไทย中华Việt Nam"));
assert_chunks!(
b"Hello\xC2 There\xFF Goodbye",
Ok("Hello"),
Err(b"\xC2"),
Ok(" There"),
Err(b"\xFF"),
Ok(" Goodbye"),
);
assert_chunks!(
b"Hello\xC0\x80 There\xE6\x83 Goodbye",
Ok("Hello"),
Err(b"\xC0"),
Err(b"\x80"),
Ok(" There"),
Err(b"\xE6\x83"),
Ok(" Goodbye"),
);
assert_chunks!(
b"\xF5foo\xF5\x80bar",
Err(b"\xF5"),
Ok("foo"),
Err(b"\xF5"),
Err(b"\x80"),
Ok("bar"),
);
assert_chunks!(
b"\xF1foo\xF1\x80bar\xF1\x80\x80baz",
Err(b"\xF1"),
Ok("foo"),
Err(b"\xF1\x80"),
Ok("bar"),
Err(b"\xF1\x80\x80"),
Ok("baz"),
);
assert_chunks!(
b"\xF4foo\xF4\x80bar\xF4\xBFbaz",
Err(b"\xF4"),
Ok("foo"),
Err(b"\xF4\x80"),
Ok("bar"),
Err(b"\xF4"),
Err(b"\xBF"),
Ok("baz"),
);
assert_chunks!(
b"\xF0\x80\x80\x80foo\xF0\x90\x80\x80bar",
Err(b"\xF0"),
Err(b"\x80"),
Err(b"\x80"),
Err(b"\x80"),
Ok("foo\u{10000}bar"),
);
assert_chunks!(
b"\xED\xA0\x80foo\xED\xBF\xBFbar",
Err(b"\xED"),
Err(b"\xA0"),
Err(b"\x80"),
Ok("foo"),
Err(b"\xED"),
Err(b"\xBF"),
Err(b"\xBF"),
Ok("bar"),
);
}
#[test]
fn proto_str_chars() {
macro_rules! assert_chars {
($bytes:expr, $chars:expr) => {
let bytes = $bytes;
let chars = $chars;
let s = test_proto_str(bytes);
let mut got_chars = s.chars();
let mut expected_chars = chars.into_iter();
assert!(got_chars.eq(expected_chars), "{bytes:?} -> {chars:?}");
};
}
assert_chars!(b"hello", ['h', 'e', 'l', 'l', 'o']);
assert_chars!(
"ศไทย中华Việt Nam".as_bytes(),
['ศ', 'ไ', 'ท', 'ย', '中', '华', 'V', 'i', 'ệ', 't', ' ', 'N', 'a', 'm']
);
assert_chars!(
b"Hello\xC2 There\xFF Goodbye",
[
'H', 'e', 'l', 'l', 'o', '�', ' ', 'T', 'h', 'e', 'r', 'e', '�', ' ', 'G', 'o',
'o', 'd', 'b', 'y', 'e'
]
);
assert_chars!(
b"Hello\xC0\x80 There\xE6\x83 Goodbye",
[
'H', 'e', 'l', 'l', 'o', '�', '�', ' ', 'T', 'h', 'e', 'r', 'e', '�', ' ', 'G',
'o', 'o', 'd', 'b', 'y', 'e'
]
);
assert_chars!(b"\xF5foo\xF5\x80bar", ['�', 'f', 'o', 'o', '�', '�', 'b', 'a', 'r']);
assert_chars!(
b"\xF1foo\xF1\x80bar\xF1\x80\x80baz",
['�', 'f', 'o', 'o', '�', 'b', 'a', 'r', '�', 'b', 'a', 'z']
);
assert_chars!(
b"\xF4foo\xF4\x80bar\xF4\xBFbaz",
['�', 'f', 'o', 'o', '�', 'b', 'a', 'r', '�', '�', 'b', 'a', 'z']
);
assert_chars!(
b"\xF0\x80\x80\x80foo\xF0\x90\x80\x80bar",
['�', '�', '�', '�', 'f', 'o', 'o', '\u{10000}', 'b', 'a', 'r']
);
assert_chars!(
b"\xED\xA0\x80foo\xED\xBF\xBFbar",
['�', '�', '�', 'f', 'o', 'o', '�', '�', '�', 'b', 'a', 'r']
);
}
}