2 use crate::borrow::{Borrow, Cow};
3 use crate::cmp::Ordering;
4 use crate::error::Error;
5 use crate::fmt::{self, Write};
9 use crate::num::NonZeroU8;
11 use crate::os::raw::c_char;
15 use crate::str::{self, Utf8Error};
19 /// A type representing an owned, C-compatible, nul-terminated string with no nul bytes in the
22 /// This type serves the purpose of being able to safely generate a
23 /// C-compatible string from a Rust byte slice or vector. An instance of this
24 /// type is a static guarantee that the underlying bytes contain no interior 0
25 /// bytes ("nul characters") and that the final byte is 0 ("nul terminator").
27 /// `CString` is to [`&CStr`] as [`String`] is to [`&str`]: the former
28 /// in each pair are owned strings; the latter are borrowed
31 /// # Creating a `CString`
33 /// A `CString` is created from either a byte slice or a byte vector,
34 /// or anything that implements [`Into`]`<`[`Vec`]`<`[`u8`]`>>` (for
35 /// example, you can build a `CString` straight out of a [`String`] or
36 /// a [`&str`], since both implement that trait).
38 /// The [`CString::new`] method will actually check that the provided `&[u8]`
39 /// does not have 0 bytes in the middle, and return an error if it
42 /// # Extracting a raw pointer to the whole C string
44 /// `CString` implements a [`as_ptr`][`CStr::as_ptr`] method through the [`Deref`]
45 /// trait. This method will give you a `*const c_char` which you can
46 /// feed directly to extern functions that expect a nul-terminated
47 /// string, like C's `strdup()`. Notice that [`as_ptr`][`CStr::as_ptr`] returns a
48 /// read-only pointer; if the C code writes to it, that causes
49 /// undefined behavior.
51 /// # Extracting a slice of the whole C string
53 /// Alternatively, you can obtain a `&[`[`u8`]`]` slice from a
54 /// `CString` with the [`CString::as_bytes`] method. Slices produced in this
55 /// way do *not* contain the trailing nul terminator. This is useful
56 /// when you will be calling an extern function that takes a `*const
57 /// u8` argument which is not necessarily nul-terminated, plus another
58 /// argument with the length of the string — like C's `strndup()`.
59 /// You can of course get the slice's length with its
60 /// [`len`][slice.len] method.
62 /// If you need a `&[`[`u8`]`]` slice *with* the nul terminator, you
63 /// can use [`CString::as_bytes_with_nul`] instead.
65 /// Once you have the kind of slice you need (with or without a nul
66 /// terminator), you can call the slice's own
67 /// [`as_ptr`][slice.as_ptr] method to get a read-only raw pointer to pass to
68 /// extern functions. See the documentation for that function for a
69 /// discussion on ensuring the lifetime of the raw pointer.
72 /// [slice.as_ptr]: ../primitive.slice.html#method.as_ptr
73 /// [slice.len]: ../primitive.slice.html#method.len
74 /// [`Deref`]: ops::Deref
79 /// ```ignore (extern-declaration)
81 /// use std::ffi::CString;
82 /// use std::os::raw::c_char;
85 /// fn my_printer(s: *const c_char);
88 /// // We are certain that our string doesn't have 0 bytes in the middle,
89 /// // so we can .expect()
90 /// let c_to_print = CString::new("Hello, world!").expect("CString::new failed");
92 /// my_printer(c_to_print.as_ptr());
99 /// `CString` is intended for working with traditional C-style strings
100 /// (a sequence of non-nul bytes terminated by a single nul byte); the
101 /// primary use case for these kinds of strings is interoperating with C-like
102 /// code. Often you will need to transfer ownership to/from that external
103 /// code. It is strongly recommended that you thoroughly read through the
104 /// documentation of `CString` before use, as improper ownership management
105 /// of `CString` instances can lead to invalid memory accesses, memory leaks,
106 /// and other memory errors.
107 #[derive(PartialEq, PartialOrd, Eq, Ord, Hash, Clone)]
108 #[stable(feature = "rust1", since = "1.0.0")]
110 // Invariant 1: the slice ends with a zero byte and has a length of at least one.
111 // Invariant 2: the slice contains only one zero byte.
112 // Improper usage of unsafe function can break Invariant 2, but not Invariant 1.
116 /// Representation of a borrowed C string.
118 /// This type represents a borrowed reference to a nul-terminated
119 /// array of bytes. It can be constructed safely from a `&[`[`u8`]`]`
120 /// slice, or unsafely from a raw `*const c_char`. It can then be
121 /// converted to a Rust [`&str`] by performing UTF-8 validation, or
122 /// into an owned [`CString`].
124 /// `&CStr` is to [`CString`] as [`&str`] is to [`String`]: the former
125 /// in each pair are borrowed references; the latter are owned
128 /// Note that this structure is **not** `repr(C)` and is not recommended to be
129 /// placed in the signatures of FFI functions. Instead, safe wrappers of FFI
130 /// functions may leverage the unsafe [`CStr::from_ptr`] constructor to provide
131 /// a safe interface to other consumers.
135 /// Inspecting a foreign C string:
137 /// ```ignore (extern-declaration)
138 /// use std::ffi::CStr;
139 /// use std::os::raw::c_char;
141 /// extern { fn my_string() -> *const c_char; }
144 /// let slice = CStr::from_ptr(my_string());
145 /// println!("string buffer size without nul terminator: {}", slice.to_bytes().len());
149 /// Passing a Rust-originating C string:
151 /// ```ignore (extern-declaration)
152 /// use std::ffi::{CString, CStr};
153 /// use std::os::raw::c_char;
155 /// fn work(data: &CStr) {
156 /// extern { fn work_with(data: *const c_char); }
158 /// unsafe { work_with(data.as_ptr()) }
161 /// let s = CString::new("data data data data").expect("CString::new failed");
165 /// Converting a foreign C string into a Rust [`String`]:
167 /// ```ignore (extern-declaration)
168 /// use std::ffi::CStr;
169 /// use std::os::raw::c_char;
171 /// extern { fn my_string() -> *const c_char; }
173 /// fn my_string_safe() -> String {
175 /// CStr::from_ptr(my_string()).to_string_lossy().into_owned()
179 /// println!("string: {}", my_string_safe());
184 #[stable(feature = "rust1", since = "1.0.0")]
186 // `fn from` in `impl From<&CStr> for Box<CStr>` current implementation relies
187 // on `CStr` being layout-compatible with `[u8]`.
188 // When attribute privacy is implemented, `CStr` should be annotated as `#[repr(transparent)]`.
189 // Anyway, `CStr` representation and layout are considered implementation detail, are
190 // not documented and must not be relied upon.
192 // FIXME: this should not be represented with a DST slice but rather with
193 // just a raw `c_char` along with some form of marker to make
194 // this an unsized type. Essentially `sizeof(&CStr)` should be the
195 // same as `sizeof(&c_char)` but `CStr` should be an unsized type.
199 /// An error indicating that an interior nul byte was found.
201 /// While Rust strings may contain nul bytes in the middle, C strings
202 /// can't, as that byte would effectively truncate the string.
204 /// This error is created by the [`new`][`CString::new`] method on
205 /// [`CString`]. See its documentation for more.
210 /// use std::ffi::{CString, NulError};
212 /// let _: NulError = CString::new(b"f\0oo".to_vec()).unwrap_err();
214 #[derive(Clone, PartialEq, Eq, Debug)]
215 #[stable(feature = "rust1", since = "1.0.0")]
216 pub struct NulError(usize, Vec<u8>);
218 /// An error indicating that a nul byte was not in the expected position.
220 /// The slice used to create a [`CStr`] must have one and only one nul byte,
221 /// positioned at the end.
223 /// This error is created by the [`CStr::from_bytes_with_nul`] method.
224 /// See its documentation for more.
229 /// use std::ffi::{CStr, FromBytesWithNulError};
231 /// let _: FromBytesWithNulError = CStr::from_bytes_with_nul(b"f\0oo").unwrap_err();
233 #[derive(Clone, PartialEq, Eq, Debug)]
234 #[stable(feature = "cstr_from_bytes", since = "1.10.0")]
235 pub struct FromBytesWithNulError {
236 kind: FromBytesWithNulErrorKind,
239 /// An error indicating that a nul byte was not in the expected position.
241 /// The vector used to create a [`CString`] must have one and only one nul byte,
242 /// positioned at the end.
244 /// This error is created by the [`CString::from_vec_with_nul`] method.
245 /// See its documentation for more.
250 /// #![feature(cstring_from_vec_with_nul)]
251 /// use std::ffi::{CString, FromVecWithNulError};
253 /// let _: FromVecWithNulError = CString::from_vec_with_nul(b"f\0oo".to_vec()).unwrap_err();
255 #[derive(Clone, PartialEq, Eq, Debug)]
256 #[unstable(feature = "cstring_from_vec_with_nul", issue = "73179")]
257 pub struct FromVecWithNulError {
258 error_kind: FromBytesWithNulErrorKind,
262 #[derive(Clone, PartialEq, Eq, Debug)]
263 enum FromBytesWithNulErrorKind {
268 impl FromBytesWithNulError {
269 fn interior_nul(pos: usize) -> FromBytesWithNulError {
270 FromBytesWithNulError { kind: FromBytesWithNulErrorKind::InteriorNul(pos) }
272 fn not_nul_terminated() -> FromBytesWithNulError {
273 FromBytesWithNulError { kind: FromBytesWithNulErrorKind::NotNulTerminated }
277 #[unstable(feature = "cstring_from_vec_with_nul", issue = "73179")]
278 impl FromVecWithNulError {
279 /// Returns a slice of [`u8`]s bytes that were attempted to convert to a [`CString`].
286 /// #![feature(cstring_from_vec_with_nul)]
287 /// use std::ffi::CString;
289 /// // Some invalid bytes in a vector
290 /// let bytes = b"f\0oo".to_vec();
292 /// let value = CString::from_vec_with_nul(bytes.clone());
294 /// assert_eq!(&bytes[..], value.unwrap_err().as_bytes());
296 pub fn as_bytes(&self) -> &[u8] {
300 /// Returns the bytes that were attempted to convert to a [`CString`].
302 /// This method is carefully constructed to avoid allocation. It will
303 /// consume the error, moving out the bytes, so that a copy of the bytes
304 /// does not need to be made.
311 /// #![feature(cstring_from_vec_with_nul)]
312 /// use std::ffi::CString;
314 /// // Some invalid bytes in a vector
315 /// let bytes = b"f\0oo".to_vec();
317 /// let value = CString::from_vec_with_nul(bytes.clone());
319 /// assert_eq!(bytes, value.unwrap_err().into_bytes());
321 pub fn into_bytes(self) -> Vec<u8> {
326 /// An error indicating invalid UTF-8 when converting a [`CString`] into a [`String`].
328 /// `CString` is just a wrapper over a buffer of bytes with a nul terminator;
329 /// [`CString::into_string`] performs UTF-8 validation on those bytes and may
330 /// return this error.
332 /// This `struct` is created by the [`CString::into_string`] method. See
333 /// its documentation for more.
334 #[derive(Clone, PartialEq, Eq, Debug)]
335 #[stable(feature = "cstring_into", since = "1.7.0")]
336 pub struct IntoStringError {
342 /// Creates a new C-compatible string from a container of bytes.
344 /// This function will consume the provided data and use the
345 /// underlying bytes to construct a new string, ensuring that
346 /// there is a trailing 0 byte. This trailing 0 byte will be
347 /// appended by this function; the provided data should *not*
348 /// contain any 0 bytes in it.
352 /// ```ignore (extern-declaration)
353 /// use std::ffi::CString;
354 /// use std::os::raw::c_char;
356 /// extern { fn puts(s: *const c_char); }
358 /// let to_print = CString::new("Hello!").expect("CString::new failed");
360 /// puts(to_print.as_ptr());
366 /// This function will return an error if the supplied bytes contain an
367 /// internal 0 byte. The [`NulError`] returned will contain the bytes as well as
368 /// the position of the nul byte.
369 #[stable(feature = "rust1", since = "1.0.0")]
370 pub fn new<T: Into<Vec<u8>>>(t: T) -> Result<CString, NulError> {
372 fn into_vec(self) -> Vec<u8>;
374 impl<T: Into<Vec<u8>>> SpecIntoVec for T {
375 default fn into_vec(self) -> Vec<u8> {
379 // Specialization for avoiding reallocation.
380 impl SpecIntoVec for &'_ [u8] {
381 fn into_vec(self) -> Vec<u8> {
382 let mut v = Vec::with_capacity(self.len() + 1);
387 impl SpecIntoVec for &'_ str {
388 fn into_vec(self) -> Vec<u8> {
389 let mut v = Vec::with_capacity(self.len() + 1);
390 v.extend(self.as_bytes());
395 Self::_new(SpecIntoVec::into_vec(t))
398 fn _new(bytes: Vec<u8>) -> Result<CString, NulError> {
399 match memchr::memchr(0, &bytes) {
400 Some(i) => Err(NulError(i, bytes)),
401 None => Ok(unsafe { CString::from_vec_unchecked(bytes) }),
405 /// Creates a C-compatible string by consuming a byte vector,
406 /// without checking for interior 0 bytes.
408 /// This method is equivalent to [`CString::new`] except that no runtime
409 /// assertion is made that `v` contains no 0 bytes, and it requires an
410 /// actual byte vector, not anything that can be converted to one with Into.
415 /// use std::ffi::CString;
417 /// let raw = b"foo".to_vec();
419 /// let c_string = CString::from_vec_unchecked(raw);
422 #[stable(feature = "rust1", since = "1.0.0")]
423 pub unsafe fn from_vec_unchecked(mut v: Vec<u8>) -> CString {
426 CString { inner: v.into_boxed_slice() }
429 /// Retakes ownership of a `CString` that was transferred to C via
430 /// [`CString::into_raw`].
432 /// Additionally, the length of the string will be recalculated from the pointer.
436 /// This should only ever be called with a pointer that was earlier
437 /// obtained by calling [`CString::into_raw`]. Other usage (e.g., trying to take
438 /// ownership of a string that was allocated by foreign code) is likely to lead
439 /// to undefined behavior or allocator corruption.
441 /// It should be noted that the length isn't just "recomputed," but that
442 /// the recomputed length must match the original length from the
443 /// [`CString::into_raw`] call. This means the [`CString::into_raw`]/`from_raw`
444 /// methods should not be used when passing the string to C functions that can
445 /// modify the string's length.
447 /// > **Note:** If you need to borrow a string that was allocated by
448 /// > foreign code, use [`CStr`]. If you need to take ownership of
449 /// > a string that was allocated by foreign code, you will need to
450 /// > make your own provisions for freeing it appropriately, likely
451 /// > with the foreign code's API to do that.
455 /// Creates a `CString`, pass ownership to an `extern` function (via raw pointer), then retake
456 /// ownership with `from_raw`:
458 /// ```ignore (extern-declaration)
459 /// use std::ffi::CString;
460 /// use std::os::raw::c_char;
463 /// fn some_extern_function(s: *mut c_char);
466 /// let c_string = CString::new("Hello!").expect("CString::new failed");
467 /// let raw = c_string.into_raw();
469 /// some_extern_function(raw);
470 /// let c_string = CString::from_raw(raw);
473 #[stable(feature = "cstr_memory", since = "1.4.0")]
474 pub unsafe fn from_raw(ptr: *mut c_char) -> CString {
475 let len = sys::strlen(ptr) + 1; // Including the NUL byte
476 let slice = slice::from_raw_parts_mut(ptr, len as usize);
477 CString { inner: Box::from_raw(slice as *mut [c_char] as *mut [u8]) }
480 /// Consumes the `CString` and transfers ownership of the string to a C caller.
482 /// The pointer which this function returns must be returned to Rust and reconstituted using
483 /// [`CString::from_raw`] to be properly deallocated. Specifically, one
484 /// should *not* use the standard C `free()` function to deallocate
487 /// Failure to call [`CString::from_raw`] will lead to a memory leak.
489 /// The C side must **not** modify the length of the string (by writing a
490 /// `NULL` somewhere inside the string or removing the final one) before
491 /// it makes it back into Rust using [`CString::from_raw`]. See the safety section
492 /// in [`CString::from_raw`].
497 /// use std::ffi::CString;
499 /// let c_string = CString::new("foo").expect("CString::new failed");
501 /// let ptr = c_string.into_raw();
504 /// assert_eq!(b'f', *ptr as u8);
505 /// assert_eq!(b'o', *ptr.offset(1) as u8);
506 /// assert_eq!(b'o', *ptr.offset(2) as u8);
507 /// assert_eq!(b'\0', *ptr.offset(3) as u8);
509 /// // retake pointer to free memory
510 /// let _ = CString::from_raw(ptr);
514 #[stable(feature = "cstr_memory", since = "1.4.0")]
515 pub fn into_raw(self) -> *mut c_char {
516 Box::into_raw(self.into_inner()) as *mut c_char
519 /// Converts the `CString` into a [`String`] if it contains valid UTF-8 data.
521 /// On failure, ownership of the original `CString` is returned.
526 /// use std::ffi::CString;
528 /// let valid_utf8 = vec![b'f', b'o', b'o'];
529 /// let cstring = CString::new(valid_utf8).expect("CString::new failed");
530 /// assert_eq!(cstring.into_string().expect("into_string() call failed"), "foo");
532 /// let invalid_utf8 = vec![b'f', 0xff, b'o', b'o'];
533 /// let cstring = CString::new(invalid_utf8).expect("CString::new failed");
534 /// let err = cstring.into_string().err().expect("into_string().err() failed");
535 /// assert_eq!(err.utf8_error().valid_up_to(), 1);
538 #[stable(feature = "cstring_into", since = "1.7.0")]
539 pub fn into_string(self) -> Result<String, IntoStringError> {
540 String::from_utf8(self.into_bytes()).map_err(|e| IntoStringError {
541 error: e.utf8_error(),
542 inner: unsafe { CString::from_vec_unchecked(e.into_bytes()) },
546 /// Consumes the `CString` and returns the underlying byte buffer.
548 /// The returned buffer does **not** contain the trailing nul
549 /// terminator, and it is guaranteed to not have any interior nul
555 /// use std::ffi::CString;
557 /// let c_string = CString::new("foo").expect("CString::new failed");
558 /// let bytes = c_string.into_bytes();
559 /// assert_eq!(bytes, vec![b'f', b'o', b'o']);
561 #[stable(feature = "cstring_into", since = "1.7.0")]
562 pub fn into_bytes(self) -> Vec<u8> {
563 let mut vec = self.into_inner().into_vec();
564 let _nul = vec.pop();
565 debug_assert_eq!(_nul, Some(0u8));
569 /// Equivalent to the [`CString::into_bytes`] function except that the
570 /// returned vector includes the trailing nul terminator.
575 /// use std::ffi::CString;
577 /// let c_string = CString::new("foo").expect("CString::new failed");
578 /// let bytes = c_string.into_bytes_with_nul();
579 /// assert_eq!(bytes, vec![b'f', b'o', b'o', b'\0']);
581 #[stable(feature = "cstring_into", since = "1.7.0")]
582 pub fn into_bytes_with_nul(self) -> Vec<u8> {
583 self.into_inner().into_vec()
586 /// Returns the contents of this `CString` as a slice of bytes.
588 /// The returned slice does **not** contain the trailing nul
589 /// terminator, and it is guaranteed to not have any interior nul
590 /// bytes. If you need the nul terminator, use
591 /// [`CString::as_bytes_with_nul`] instead.
596 /// use std::ffi::CString;
598 /// let c_string = CString::new("foo").expect("CString::new failed");
599 /// let bytes = c_string.as_bytes();
600 /// assert_eq!(bytes, &[b'f', b'o', b'o']);
603 #[stable(feature = "rust1", since = "1.0.0")]
604 pub fn as_bytes(&self) -> &[u8] {
605 &self.inner[..self.inner.len() - 1]
608 /// Equivalent to the [`CString::as_bytes`] function except that the
609 /// returned slice includes the trailing nul terminator.
614 /// use std::ffi::CString;
616 /// let c_string = CString::new("foo").expect("CString::new failed");
617 /// let bytes = c_string.as_bytes_with_nul();
618 /// assert_eq!(bytes, &[b'f', b'o', b'o', b'\0']);
621 #[stable(feature = "rust1", since = "1.0.0")]
622 pub fn as_bytes_with_nul(&self) -> &[u8] {
626 /// Extracts a [`CStr`] slice containing the entire string.
631 /// use std::ffi::{CString, CStr};
633 /// let c_string = CString::new(b"foo".to_vec()).expect("CString::new failed");
634 /// let cstr = c_string.as_c_str();
636 /// CStr::from_bytes_with_nul(b"foo\0").expect("CStr::from_bytes_with_nul failed"));
639 #[stable(feature = "as_c_str", since = "1.20.0")]
640 pub fn as_c_str(&self) -> &CStr {
644 /// Converts this `CString` into a boxed [`CStr`].
649 /// use std::ffi::{CString, CStr};
651 /// let c_string = CString::new(b"foo".to_vec()).expect("CString::new failed");
652 /// let boxed = c_string.into_boxed_c_str();
653 /// assert_eq!(&*boxed,
654 /// CStr::from_bytes_with_nul(b"foo\0").expect("CStr::from_bytes_with_nul failed"));
656 #[stable(feature = "into_boxed_c_str", since = "1.20.0")]
657 pub fn into_boxed_c_str(self) -> Box<CStr> {
658 unsafe { Box::from_raw(Box::into_raw(self.into_inner()) as *mut CStr) }
661 /// Bypass "move out of struct which implements [`Drop`] trait" restriction.
662 fn into_inner(self) -> Box<[u8]> {
663 // Rationale: `mem::forget(self)` invalidates the previous call to `ptr::read(&self.inner)`
664 // so we use `ManuallyDrop` to ensure `self` is not dropped.
665 // Then we can return the box directly without invalidating it.
666 // See https://github.com/rust-lang/rust/issues/62553.
667 let this = mem::ManuallyDrop::new(self);
668 unsafe { ptr::read(&this.inner) }
671 /// Converts a [`Vec`]`<u8>` to a [`CString`] without checking the
672 /// invariants on the given [`Vec`].
676 /// The given [`Vec`] **must** have one nul byte as its last element.
677 /// This means it cannot be empty nor have any other nul byte anywhere else.
682 /// #![feature(cstring_from_vec_with_nul)]
683 /// use std::ffi::CString;
685 /// unsafe { CString::from_vec_with_nul_unchecked(b"abc\0".to_vec()) },
686 /// unsafe { CString::from_vec_unchecked(b"abc".to_vec()) }
689 #[unstable(feature = "cstring_from_vec_with_nul", issue = "73179")]
690 pub unsafe fn from_vec_with_nul_unchecked(v: Vec<u8>) -> Self {
691 Self { inner: v.into_boxed_slice() }
694 /// Attempts to converts a [`Vec`]`<u8>` to a [`CString`].
696 /// Runtime checks are present to ensure there is only one nul byte in the
697 /// [`Vec`], its last element.
701 /// If a nul byte is present and not the last element or no nul bytes
702 /// is present, an error will be returned.
706 /// A successful conversion will produce the same result as [`CString::new`]
707 /// when called without the ending nul byte.
710 /// #![feature(cstring_from_vec_with_nul)]
711 /// use std::ffi::CString;
713 /// CString::from_vec_with_nul(b"abc\0".to_vec())
714 /// .expect("CString::from_vec_with_nul failed"),
715 /// CString::new(b"abc".to_vec()).expect("CString::new failed")
719 /// A incorrectly formatted [`Vec`] will produce an error.
722 /// #![feature(cstring_from_vec_with_nul)]
723 /// use std::ffi::{CString, FromVecWithNulError};
724 /// // Interior nul byte
725 /// let _: FromVecWithNulError = CString::from_vec_with_nul(b"a\0bc".to_vec()).unwrap_err();
727 /// let _: FromVecWithNulError = CString::from_vec_with_nul(b"abc".to_vec()).unwrap_err();
729 #[unstable(feature = "cstring_from_vec_with_nul", issue = "73179")]
730 pub fn from_vec_with_nul(v: Vec<u8>) -> Result<Self, FromVecWithNulError> {
731 let nul_pos = memchr::memchr(0, &v);
733 Some(nul_pos) if nul_pos + 1 == v.len() => {
734 // SAFETY: We know there is only one nul byte, at the end
736 Ok(unsafe { Self::from_vec_with_nul_unchecked(v) })
738 Some(nul_pos) => Err(FromVecWithNulError {
739 error_kind: FromBytesWithNulErrorKind::InteriorNul(nul_pos),
742 None => Err(FromVecWithNulError {
743 error_kind: FromBytesWithNulErrorKind::NotNulTerminated,
750 // Turns this `CString` into an empty string to prevent
751 // memory-unsafe code from working by accident. Inline
752 // to prevent LLVM from optimizing it away in debug builds.
753 #[stable(feature = "cstring_drop", since = "1.13.0")]
754 impl Drop for CString {
758 *self.inner.get_unchecked_mut(0) = 0;
763 #[stable(feature = "rust1", since = "1.0.0")]
764 impl ops::Deref for CString {
768 fn deref(&self) -> &CStr {
769 unsafe { CStr::from_bytes_with_nul_unchecked(self.as_bytes_with_nul()) }
773 #[stable(feature = "rust1", since = "1.0.0")]
774 impl fmt::Debug for CString {
775 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
776 fmt::Debug::fmt(&**self, f)
780 #[stable(feature = "cstring_into", since = "1.7.0")]
781 impl From<CString> for Vec<u8> {
782 /// Converts a [`CString`] into a [`Vec`]`<u8>`.
784 /// The conversion consumes the [`CString`], and removes the terminating NUL byte.
786 fn from(s: CString) -> Vec<u8> {
791 #[stable(feature = "cstr_debug", since = "1.3.0")]
792 impl fmt::Debug for CStr {
793 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
795 for byte in self.to_bytes().iter().flat_map(|&b| ascii::escape_default(b)) {
796 f.write_char(byte as char)?;
802 #[stable(feature = "cstr_default", since = "1.10.0")]
803 impl Default for &CStr {
804 fn default() -> Self {
805 const SLICE: &[c_char] = &[0];
806 unsafe { CStr::from_ptr(SLICE.as_ptr()) }
810 #[stable(feature = "cstr_default", since = "1.10.0")]
811 impl Default for CString {
812 /// Creates an empty `CString`.
813 fn default() -> CString {
814 let a: &CStr = Default::default();
819 #[stable(feature = "cstr_borrow", since = "1.3.0")]
820 impl Borrow<CStr> for CString {
822 fn borrow(&self) -> &CStr {
827 #[stable(feature = "cstring_from_cow_cstr", since = "1.28.0")]
828 impl<'a> From<Cow<'a, CStr>> for CString {
830 fn from(s: Cow<'a, CStr>) -> Self {
835 #[stable(feature = "box_from_c_str", since = "1.17.0")]
836 impl From<&CStr> for Box<CStr> {
837 fn from(s: &CStr) -> Box<CStr> {
838 let boxed: Box<[u8]> = Box::from(s.to_bytes_with_nul());
839 unsafe { Box::from_raw(Box::into_raw(boxed) as *mut CStr) }
843 #[stable(feature = "box_from_cow", since = "1.45.0")]
844 impl From<Cow<'_, CStr>> for Box<CStr> {
846 fn from(cow: Cow<'_, CStr>) -> Box<CStr> {
848 Cow::Borrowed(s) => Box::from(s),
849 Cow::Owned(s) => Box::from(s),
854 #[stable(feature = "c_string_from_box", since = "1.18.0")]
855 impl From<Box<CStr>> for CString {
856 /// Converts a [`Box`]`<CStr>` into a [`CString`] without copying or allocating.
858 fn from(s: Box<CStr>) -> CString {
863 #[stable(feature = "cstring_from_vec_of_nonzerou8", since = "1.43.0")]
864 impl From<Vec<NonZeroU8>> for CString {
865 /// Converts a [`Vec`]`<`[`NonZeroU8`]`>` into a [`CString`] without
866 /// copying nor checking for inner null bytes.
868 fn from(v: Vec<NonZeroU8>) -> CString {
870 // Transmute `Vec<NonZeroU8>` to `Vec<u8>`.
873 // - transmuting between `NonZeroU8` and `u8` is sound;
874 // - `alloc::Layout<NonZeroU8> == alloc::Layout<u8>`.
875 let (ptr, len, cap): (*mut NonZeroU8, _, _) = Vec::into_raw_parts(v);
876 Vec::from_raw_parts(ptr.cast::<u8>(), len, cap)
878 // Safety: `v` cannot contain null bytes, given the type-level
879 // invariant of `NonZeroU8`.
880 CString::from_vec_unchecked(v)
885 #[stable(feature = "more_box_slice_clone", since = "1.29.0")]
886 impl Clone for Box<CStr> {
888 fn clone(&self) -> Self {
893 #[stable(feature = "box_from_c_string", since = "1.20.0")]
894 impl From<CString> for Box<CStr> {
895 /// Converts a [`CString`] into a [`Box`]`<CStr>` without copying or allocating.
897 fn from(s: CString) -> Box<CStr> {
902 #[stable(feature = "cow_from_cstr", since = "1.28.0")]
903 impl<'a> From<CString> for Cow<'a, CStr> {
905 fn from(s: CString) -> Cow<'a, CStr> {
910 #[stable(feature = "cow_from_cstr", since = "1.28.0")]
911 impl<'a> From<&'a CStr> for Cow<'a, CStr> {
913 fn from(s: &'a CStr) -> Cow<'a, CStr> {
918 #[stable(feature = "cow_from_cstr", since = "1.28.0")]
919 impl<'a> From<&'a CString> for Cow<'a, CStr> {
921 fn from(s: &'a CString) -> Cow<'a, CStr> {
922 Cow::Borrowed(s.as_c_str())
926 #[stable(feature = "shared_from_slice2", since = "1.24.0")]
927 impl From<CString> for Arc<CStr> {
928 /// Converts a [`CString`] into a [`Arc`]`<CStr>` without copying or allocating.
930 fn from(s: CString) -> Arc<CStr> {
931 let arc: Arc<[u8]> = Arc::from(s.into_inner());
932 unsafe { Arc::from_raw(Arc::into_raw(arc) as *const CStr) }
936 #[stable(feature = "shared_from_slice2", since = "1.24.0")]
937 impl From<&CStr> for Arc<CStr> {
939 fn from(s: &CStr) -> Arc<CStr> {
940 let arc: Arc<[u8]> = Arc::from(s.to_bytes_with_nul());
941 unsafe { Arc::from_raw(Arc::into_raw(arc) as *const CStr) }
945 #[stable(feature = "shared_from_slice2", since = "1.24.0")]
946 impl From<CString> for Rc<CStr> {
947 /// Converts a [`CString`] into a [`Rc`]`<CStr>` without copying or allocating.
949 fn from(s: CString) -> Rc<CStr> {
950 let rc: Rc<[u8]> = Rc::from(s.into_inner());
951 unsafe { Rc::from_raw(Rc::into_raw(rc) as *const CStr) }
955 #[stable(feature = "shared_from_slice2", since = "1.24.0")]
956 impl From<&CStr> for Rc<CStr> {
958 fn from(s: &CStr) -> Rc<CStr> {
959 let rc: Rc<[u8]> = Rc::from(s.to_bytes_with_nul());
960 unsafe { Rc::from_raw(Rc::into_raw(rc) as *const CStr) }
964 #[stable(feature = "default_box_extra", since = "1.17.0")]
965 impl Default for Box<CStr> {
966 fn default() -> Box<CStr> {
967 let boxed: Box<[u8]> = Box::from([0]);
968 unsafe { Box::from_raw(Box::into_raw(boxed) as *mut CStr) }
973 /// Returns the position of the nul byte in the slice that caused
974 /// [`CString::new`] to fail.
979 /// use std::ffi::CString;
981 /// let nul_error = CString::new("foo\0bar").unwrap_err();
982 /// assert_eq!(nul_error.nul_position(), 3);
984 /// let nul_error = CString::new("foo bar\0").unwrap_err();
985 /// assert_eq!(nul_error.nul_position(), 7);
987 #[stable(feature = "rust1", since = "1.0.0")]
988 pub fn nul_position(&self) -> usize {
992 /// Consumes this error, returning the underlying vector of bytes which
993 /// generated the error in the first place.
998 /// use std::ffi::CString;
1000 /// let nul_error = CString::new("foo\0bar").unwrap_err();
1001 /// assert_eq!(nul_error.into_vec(), b"foo\0bar");
1003 #[stable(feature = "rust1", since = "1.0.0")]
1004 pub fn into_vec(self) -> Vec<u8> {
1009 #[stable(feature = "rust1", since = "1.0.0")]
1010 impl Error for NulError {
1011 #[allow(deprecated)]
1012 fn description(&self) -> &str {
1013 "nul byte found in data"
1017 #[stable(feature = "rust1", since = "1.0.0")]
1018 impl fmt::Display for NulError {
1019 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1020 write!(f, "nul byte found in provided data at position: {}", self.0)
1024 #[stable(feature = "rust1", since = "1.0.0")]
1025 impl From<NulError> for io::Error {
1026 /// Converts a [`NulError`] into a [`io::Error`].
1027 fn from(_: NulError) -> io::Error {
1028 io::Error::new(io::ErrorKind::InvalidInput, "data provided contains a nul byte")
1032 #[stable(feature = "frombyteswithnulerror_impls", since = "1.17.0")]
1033 impl Error for FromBytesWithNulError {
1034 #[allow(deprecated)]
1035 fn description(&self) -> &str {
1037 FromBytesWithNulErrorKind::InteriorNul(..) => {
1038 "data provided contains an interior nul byte"
1040 FromBytesWithNulErrorKind::NotNulTerminated => "data provided is not nul terminated",
1045 #[stable(feature = "frombyteswithnulerror_impls", since = "1.17.0")]
1046 impl fmt::Display for FromBytesWithNulError {
1047 #[allow(deprecated, deprecated_in_future)]
1048 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1049 f.write_str(self.description())?;
1050 if let FromBytesWithNulErrorKind::InteriorNul(pos) = self.kind {
1051 write!(f, " at byte pos {}", pos)?;
1057 #[unstable(feature = "cstring_from_vec_with_nul", issue = "73179")]
1058 impl Error for FromVecWithNulError {}
1060 #[unstable(feature = "cstring_from_vec_with_nul", issue = "73179")]
1061 impl fmt::Display for FromVecWithNulError {
1062 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1063 match self.error_kind {
1064 FromBytesWithNulErrorKind::InteriorNul(pos) => {
1065 write!(f, "data provided contains an interior nul byte at pos {}", pos)
1067 FromBytesWithNulErrorKind::NotNulTerminated => {
1068 write!(f, "data provided is not nul terminated")
1074 impl IntoStringError {
1075 /// Consumes this error, returning original [`CString`] which generated the
1077 #[stable(feature = "cstring_into", since = "1.7.0")]
1078 pub fn into_cstring(self) -> CString {
1082 /// Access the underlying UTF-8 error that was the cause of this error.
1083 #[stable(feature = "cstring_into", since = "1.7.0")]
1084 pub fn utf8_error(&self) -> Utf8Error {
1089 #[stable(feature = "cstring_into", since = "1.7.0")]
1090 impl Error for IntoStringError {
1091 #[allow(deprecated)]
1092 fn description(&self) -> &str {
1093 "C string contained non-utf8 bytes"
1096 fn source(&self) -> Option<&(dyn Error + 'static)> {
1101 #[stable(feature = "cstring_into", since = "1.7.0")]
1102 impl fmt::Display for IntoStringError {
1103 #[allow(deprecated, deprecated_in_future)]
1104 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1105 self.description().fmt(f)
1110 /// Wraps a raw C string with a safe C string wrapper.
1112 /// This function will wrap the provided `ptr` with a `CStr` wrapper, which
1113 /// allows inspection and interoperation of non-owned C strings. The total
1114 /// size of the raw C string must be smaller than `isize::MAX` **bytes**
1115 /// in memory due to calling the `slice::from_raw_parts` function.
1116 /// This method is unsafe for a number of reasons:
1118 /// * There is no guarantee to the validity of `ptr`.
1119 /// * The returned lifetime is not guaranteed to be the actual lifetime of
1121 /// * There is no guarantee that the memory pointed to by `ptr` contains a
1122 /// valid nul terminator byte at the end of the string.
1123 /// * It is not guaranteed that the memory pointed by `ptr` won't change
1124 /// before the `CStr` has been destroyed.
1126 /// > **Note**: This operation is intended to be a 0-cost cast but it is
1127 /// > currently implemented with an up-front calculation of the length of
1128 /// > the string. This is not guaranteed to always be the case.
1132 /// ```ignore (extern-declaration)
1134 /// use std::ffi::CStr;
1135 /// use std::os::raw::c_char;
1138 /// fn my_string() -> *const c_char;
1142 /// let slice = CStr::from_ptr(my_string());
1143 /// println!("string returned: {}", slice.to_str().unwrap());
1147 #[stable(feature = "rust1", since = "1.0.0")]
1148 pub unsafe fn from_ptr<'a>(ptr: *const c_char) -> &'a CStr {
1149 let len = sys::strlen(ptr);
1150 let ptr = ptr as *const u8;
1151 CStr::from_bytes_with_nul_unchecked(slice::from_raw_parts(ptr, len as usize + 1))
1154 /// Creates a C string wrapper from a byte slice.
1156 /// This function will cast the provided `bytes` to a `CStr`
1157 /// wrapper after ensuring that the byte slice is nul-terminated
1158 /// and does not contain any interior nul bytes.
1163 /// use std::ffi::CStr;
1165 /// let cstr = CStr::from_bytes_with_nul(b"hello\0");
1166 /// assert!(cstr.is_ok());
1169 /// Creating a `CStr` without a trailing nul terminator is an error:
1172 /// use std::ffi::CStr;
1174 /// let cstr = CStr::from_bytes_with_nul(b"hello");
1175 /// assert!(cstr.is_err());
1178 /// Creating a `CStr` with an interior nul byte is an error:
1181 /// use std::ffi::CStr;
1183 /// let cstr = CStr::from_bytes_with_nul(b"he\0llo\0");
1184 /// assert!(cstr.is_err());
1186 #[stable(feature = "cstr_from_bytes", since = "1.10.0")]
1187 pub fn from_bytes_with_nul(bytes: &[u8]) -> Result<&CStr, FromBytesWithNulError> {
1188 let nul_pos = memchr::memchr(0, bytes);
1189 if let Some(nul_pos) = nul_pos {
1190 if nul_pos + 1 != bytes.len() {
1191 return Err(FromBytesWithNulError::interior_nul(nul_pos));
1193 Ok(unsafe { CStr::from_bytes_with_nul_unchecked(bytes) })
1195 Err(FromBytesWithNulError::not_nul_terminated())
1199 /// Unsafely creates a C string wrapper from a byte slice.
1201 /// This function will cast the provided `bytes` to a `CStr` wrapper without
1202 /// performing any sanity checks. The provided slice **must** be nul-terminated
1203 /// and not contain any interior nul bytes.
1208 /// use std::ffi::{CStr, CString};
1211 /// let cstring = CString::new("hello").expect("CString::new failed");
1212 /// let cstr = CStr::from_bytes_with_nul_unchecked(cstring.to_bytes_with_nul());
1213 /// assert_eq!(cstr, &*cstring);
1217 #[stable(feature = "cstr_from_bytes", since = "1.10.0")]
1218 #[rustc_const_unstable(feature = "const_cstr_unchecked", issue = "none")]
1219 pub const unsafe fn from_bytes_with_nul_unchecked(bytes: &[u8]) -> &CStr {
1220 &*(bytes as *const [u8] as *const CStr)
1223 /// Returns the inner pointer to this C string.
1225 /// The returned pointer will be valid for as long as `self` is, and points
1226 /// to a contiguous region of memory terminated with a 0 byte to represent
1227 /// the end of the string.
1231 /// The returned pointer is read-only; writing to it (including passing it
1232 /// to C code that writes to it) causes undefined behavior.
1234 /// It is your responsibility to make sure that the underlying memory is not
1235 /// freed too early. For example, the following code will cause undefined
1236 /// behavior when `ptr` is used inside the `unsafe` block:
1239 /// # #![allow(unused_must_use)]
1240 /// use std::ffi::CString;
1242 /// let ptr = CString::new("Hello").expect("CString::new failed").as_ptr();
1244 /// // `ptr` is dangling
1249 /// This happens because the pointer returned by `as_ptr` does not carry any
1250 /// lifetime information and the [`CString`] is deallocated immediately after
1251 /// the `CString::new("Hello").expect("CString::new failed").as_ptr()`
1252 /// expression is evaluated.
1253 /// To fix the problem, bind the `CString` to a local variable:
1256 /// # #![allow(unused_must_use)]
1257 /// use std::ffi::CString;
1259 /// let hello = CString::new("Hello").expect("CString::new failed");
1260 /// let ptr = hello.as_ptr();
1262 /// // `ptr` is valid because `hello` is in scope
1267 /// This way, the lifetime of the [`CString`] in `hello` encompasses
1268 /// the lifetime of `ptr` and the `unsafe` block.
1270 #[stable(feature = "rust1", since = "1.0.0")]
1271 #[rustc_const_stable(feature = "const_str_as_ptr", since = "1.32.0")]
1272 pub const fn as_ptr(&self) -> *const c_char {
1276 /// Converts this C string to a byte slice.
1278 /// The returned slice will **not** contain the trailing nul terminator that this C
1281 /// > **Note**: This method is currently implemented as a constant-time
1282 /// > cast, but it is planned to alter its definition in the future to
1283 /// > perform the length calculation whenever this method is called.
1288 /// use std::ffi::CStr;
1290 /// let cstr = CStr::from_bytes_with_nul(b"foo\0").expect("CStr::from_bytes_with_nul failed");
1291 /// assert_eq!(cstr.to_bytes(), b"foo");
1294 #[stable(feature = "rust1", since = "1.0.0")]
1295 pub fn to_bytes(&self) -> &[u8] {
1296 let bytes = self.to_bytes_with_nul();
1297 &bytes[..bytes.len() - 1]
1300 /// Converts this C string to a byte slice containing the trailing 0 byte.
1302 /// This function is the equivalent of [`CStr::to_bytes`] except that it
1303 /// will retain the trailing nul terminator instead of chopping it off.
1305 /// > **Note**: This method is currently implemented as a 0-cost cast, but
1306 /// > it is planned to alter its definition in the future to perform the
1307 /// > length calculation whenever this method is called.
1312 /// use std::ffi::CStr;
1314 /// let cstr = CStr::from_bytes_with_nul(b"foo\0").expect("CStr::from_bytes_with_nul failed");
1315 /// assert_eq!(cstr.to_bytes_with_nul(), b"foo\0");
1318 #[stable(feature = "rust1", since = "1.0.0")]
1319 pub fn to_bytes_with_nul(&self) -> &[u8] {
1320 unsafe { &*(&self.inner as *const [c_char] as *const [u8]) }
1323 /// Yields a [`&str`] slice if the `CStr` contains valid UTF-8.
1325 /// If the contents of the `CStr` are valid UTF-8 data, this
1326 /// function will return the corresponding [`&str`] slice. Otherwise,
1327 /// it will return an error with details of where UTF-8 validation failed.
1334 /// use std::ffi::CStr;
1336 /// let cstr = CStr::from_bytes_with_nul(b"foo\0").expect("CStr::from_bytes_with_nul failed");
1337 /// assert_eq!(cstr.to_str(), Ok("foo"));
1339 #[stable(feature = "cstr_to_str", since = "1.4.0")]
1340 pub fn to_str(&self) -> Result<&str, str::Utf8Error> {
1341 // N.B., when `CStr` is changed to perform the length check in `.to_bytes()`
1342 // instead of in `from_ptr()`, it may be worth considering if this should
1343 // be rewritten to do the UTF-8 check inline with the length calculation
1344 // instead of doing it afterwards.
1345 str::from_utf8(self.to_bytes())
1348 /// Converts a `CStr` into a [`Cow`]`<`[`str`]`>`.
1350 /// If the contents of the `CStr` are valid UTF-8 data, this
1351 /// function will return a [`Cow`]`::`[`Borrowed`]`(`[`&str`]`)`
1352 /// with the corresponding [`&str`] slice. Otherwise, it will
1353 /// replace any invalid UTF-8 sequences with
1354 /// [`U+FFFD REPLACEMENT CHARACTER`][U+FFFD] and return a
1355 /// [`Cow`]`::`[`Owned`]`(`[`String`]`)` with the result.
1357 /// [`Borrowed`]: Cow::Borrowed
1358 /// [`Owned`]: Cow::Owned
1359 /// [U+FFFD]: crate::char::REPLACEMENT_CHARACTER
1363 /// Calling `to_string_lossy` on a `CStr` containing valid UTF-8:
1366 /// use std::borrow::Cow;
1367 /// use std::ffi::CStr;
1369 /// let cstr = CStr::from_bytes_with_nul(b"Hello World\0")
1370 /// .expect("CStr::from_bytes_with_nul failed");
1371 /// assert_eq!(cstr.to_string_lossy(), Cow::Borrowed("Hello World"));
1374 /// Calling `to_string_lossy` on a `CStr` containing invalid UTF-8:
1377 /// use std::borrow::Cow;
1378 /// use std::ffi::CStr;
1380 /// let cstr = CStr::from_bytes_with_nul(b"Hello \xF0\x90\x80World\0")
1381 /// .expect("CStr::from_bytes_with_nul failed");
1383 /// cstr.to_string_lossy(),
1384 /// Cow::Owned(String::from("Hello �World")) as Cow<'_, str>
1387 #[stable(feature = "cstr_to_str", since = "1.4.0")]
1388 pub fn to_string_lossy(&self) -> Cow<'_, str> {
1389 String::from_utf8_lossy(self.to_bytes())
1392 /// Converts a [`Box`]`<CStr>` into a [`CString`] without copying or allocating.
1397 /// use std::ffi::CString;
1399 /// let c_string = CString::new(b"foo".to_vec()).expect("CString::new failed");
1400 /// let boxed = c_string.into_boxed_c_str();
1401 /// assert_eq!(boxed.into_c_string(), CString::new("foo").expect("CString::new failed"));
1403 #[stable(feature = "into_boxed_c_str", since = "1.20.0")]
1404 pub fn into_c_string(self: Box<CStr>) -> CString {
1405 let raw = Box::into_raw(self) as *mut [u8];
1406 CString { inner: unsafe { Box::from_raw(raw) } }
1410 #[stable(feature = "rust1", since = "1.0.0")]
1411 impl PartialEq for CStr {
1412 fn eq(&self, other: &CStr) -> bool {
1413 self.to_bytes().eq(other.to_bytes())
1416 #[stable(feature = "rust1", since = "1.0.0")]
1418 #[stable(feature = "rust1", since = "1.0.0")]
1419 impl PartialOrd for CStr {
1420 fn partial_cmp(&self, other: &CStr) -> Option<Ordering> {
1421 self.to_bytes().partial_cmp(&other.to_bytes())
1424 #[stable(feature = "rust1", since = "1.0.0")]
1426 fn cmp(&self, other: &CStr) -> Ordering {
1427 self.to_bytes().cmp(&other.to_bytes())
1431 #[stable(feature = "cstr_borrow", since = "1.3.0")]
1432 impl ToOwned for CStr {
1433 type Owned = CString;
1435 fn to_owned(&self) -> CString {
1436 CString { inner: self.to_bytes_with_nul().into() }
1439 fn clone_into(&self, target: &mut CString) {
1440 let mut b = Vec::from(mem::take(&mut target.inner));
1441 self.to_bytes_with_nul().clone_into(&mut b);
1442 target.inner = b.into_boxed_slice();
1446 #[stable(feature = "cstring_asref", since = "1.7.0")]
1447 impl From<&CStr> for CString {
1448 fn from(s: &CStr) -> CString {
1453 #[stable(feature = "cstring_asref", since = "1.7.0")]
1454 impl ops::Index<ops::RangeFull> for CString {
1458 fn index(&self, _index: ops::RangeFull) -> &CStr {
1463 #[stable(feature = "cstr_range_from", since = "1.47.0")]
1464 impl ops::Index<ops::RangeFrom<usize>> for CStr {
1467 fn index(&self, index: ops::RangeFrom<usize>) -> &CStr {
1468 let bytes = self.to_bytes_with_nul();
1469 // we need to manually check the starting index to account for the null
1470 // byte, since otherwise we could get an empty string that doesn't end
1472 if index.start < bytes.len() {
1473 unsafe { CStr::from_bytes_with_nul_unchecked(&bytes[index.start..]) }
1476 "index out of bounds: the len is {} but the index is {}",
1484 #[stable(feature = "cstring_asref", since = "1.7.0")]
1485 impl AsRef<CStr> for CStr {
1487 fn as_ref(&self) -> &CStr {
1492 #[stable(feature = "cstring_asref", since = "1.7.0")]
1493 impl AsRef<CStr> for CString {
1495 fn as_ref(&self) -> &CStr {
1503 use crate::borrow::Cow::{Borrowed, Owned};
1504 use crate::collections::hash_map::DefaultHasher;
1505 use crate::hash::{Hash, Hasher};
1506 use crate::os::raw::c_char;
1508 use crate::sync::Arc;
1512 let data = b"123\0";
1513 let ptr = data.as_ptr() as *const c_char;
1515 assert_eq!(CStr::from_ptr(ptr).to_bytes(), b"123");
1516 assert_eq!(CStr::from_ptr(ptr).to_bytes_with_nul(), b"123\0");
1522 let s = CString::new("1234").unwrap();
1523 assert_eq!(s.as_bytes(), b"1234");
1524 assert_eq!(s.as_bytes_with_nul(), b"1234\0");
1528 fn build_with_zero1() {
1529 assert!(CString::new(&b"\0"[..]).is_err());
1532 fn build_with_zero2() {
1533 assert!(CString::new(vec![0]).is_err());
1537 fn build_with_zero3() {
1539 let s = CString::from_vec_unchecked(vec![0]);
1540 assert_eq!(s.as_bytes(), b"\0");
1546 let s = CString::new(&b"abc\x01\x02\n\xE2\x80\xA6\xFF"[..]).unwrap();
1547 assert_eq!(format!("{:?}", s), r#""abc\x01\x02\n\xe2\x80\xa6\xff""#);
1553 let s = CStr::from_ptr(b"12\0".as_ptr() as *const _);
1554 assert_eq!(s.to_bytes(), b"12");
1555 assert_eq!(s.to_bytes_with_nul(), b"12\0");
1561 let data = b"123\xE2\x80\xA6\0";
1562 let ptr = data.as_ptr() as *const c_char;
1564 assert_eq!(CStr::from_ptr(ptr).to_str(), Ok("123…"));
1565 assert_eq!(CStr::from_ptr(ptr).to_string_lossy(), Borrowed("123…"));
1567 let data = b"123\xE2\0";
1568 let ptr = data.as_ptr() as *const c_char;
1570 assert!(CStr::from_ptr(ptr).to_str().is_err());
1571 assert_eq!(CStr::from_ptr(ptr).to_string_lossy(), Owned::<str>(format!("123\u{FFFD}")));
1577 let data = b"123\0";
1578 let ptr = data.as_ptr() as *const c_char;
1580 let owned = unsafe { CStr::from_ptr(ptr).to_owned() };
1581 assert_eq!(owned.as_bytes_with_nul(), data);
1586 let data = b"123\xE2\xFA\xA6\0";
1587 let ptr = data.as_ptr() as *const c_char;
1588 let cstr: &'static CStr = unsafe { CStr::from_ptr(ptr) };
1590 let mut s = DefaultHasher::new();
1592 let cstr_hash = s.finish();
1593 let mut s = DefaultHasher::new();
1594 CString::new(&data[..data.len() - 1]).unwrap().hash(&mut s);
1595 let cstring_hash = s.finish();
1597 assert_eq!(cstr_hash, cstring_hash);
1601 fn from_bytes_with_nul() {
1602 let data = b"123\0";
1603 let cstr = CStr::from_bytes_with_nul(data);
1604 assert_eq!(cstr.map(CStr::to_bytes), Ok(&b"123"[..]));
1605 let cstr = CStr::from_bytes_with_nul(data);
1606 assert_eq!(cstr.map(CStr::to_bytes_with_nul), Ok(&b"123\0"[..]));
1609 let cstr = CStr::from_bytes_with_nul(data);
1610 let cstr_unchecked = CStr::from_bytes_with_nul_unchecked(data);
1611 assert_eq!(cstr, Ok(cstr_unchecked));
1616 fn from_bytes_with_nul_unterminated() {
1618 let cstr = CStr::from_bytes_with_nul(data);
1619 assert!(cstr.is_err());
1623 fn from_bytes_with_nul_interior() {
1624 let data = b"1\023\0";
1625 let cstr = CStr::from_bytes_with_nul(data);
1626 assert!(cstr.is_err());
1631 let orig: &[u8] = b"Hello, world!\0";
1632 let cstr = CStr::from_bytes_with_nul(orig).unwrap();
1633 let boxed: Box<CStr> = Box::from(cstr);
1634 let cstring = cstr.to_owned().into_boxed_c_str().into_c_string();
1635 assert_eq!(cstr, &*boxed);
1636 assert_eq!(&*boxed, &*cstring);
1637 assert_eq!(&*cstring, cstr);
1641 fn boxed_default() {
1642 let boxed = <Box<CStr>>::default();
1643 assert_eq!(boxed.to_bytes_with_nul(), &[0]);
1647 fn test_c_str_clone_into() {
1648 let mut c_string = CString::new("lorem").unwrap();
1649 let c_ptr = c_string.as_ptr();
1650 let c_str = CStr::from_bytes_with_nul(b"ipsum\0").unwrap();
1651 c_str.clone_into(&mut c_string);
1652 assert_eq!(c_str, c_string.as_c_str());
1653 // The exact same size shouldn't have needed to move its allocation
1654 assert_eq!(c_ptr, c_string.as_ptr());
1659 let orig: &[u8] = b"Hello, world!\0";
1660 let cstr = CStr::from_bytes_with_nul(orig).unwrap();
1661 let rc: Rc<CStr> = Rc::from(cstr);
1662 let arc: Arc<CStr> = Arc::from(cstr);
1664 assert_eq!(&*rc, cstr);
1665 assert_eq!(&*arc, cstr);
1667 let rc2: Rc<CStr> = Rc::from(cstr.to_owned());
1668 let arc2: Arc<CStr> = Arc::from(cstr.to_owned());
1670 assert_eq!(&*rc2, cstr);
1671 assert_eq!(&*arc2, cstr);
1675 fn cstr_const_constructor() {
1676 const CSTR: &CStr = unsafe { CStr::from_bytes_with_nul_unchecked(b"Hello, world!\0") };
1678 assert_eq!(CSTR.to_str().unwrap(), "Hello, world!");
1682 fn cstr_index_from() {
1683 let original = b"Hello, world!\0";
1684 let cstr = CStr::from_bytes_with_nul(original).unwrap();
1685 let result = CStr::from_bytes_with_nul(&original[7..]).unwrap();
1687 assert_eq!(&cstr[7..], result);
1692 fn cstr_index_from_empty() {
1693 let original = b"Hello, world!\0";
1694 let cstr = CStr::from_bytes_with_nul(original).unwrap();
1695 let _ = &cstr[original.len()..];