Could someone give my crate a review?

This is an array/bytes/hex toolbox.

GitHub - hack-ink/array-bytes: Collection of array/bytes/hex utilities.

Please focus on the security part. I hope it is zero panics.

Thanks so much!

So far only looking at the unsafe usage quickly, the only thing you’re using it for is to convert &[u8] to &str unchecked, or with a custom checked, respectively. For that conversion you use mem::transmute, but seeing mem::transmutes, particularly for references, always makes a reviewer a bit wary and uncomfortable… in this case it’s a way better idea to use [core|std]::str::from_utf8_unchecked instead, which makes a lot clearer that the only safety guarantee that must be ensured by review is indeed the validity of the utf8 data.

1 Like

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.