/rust/registry/src/index.crates.io-6f17d22bba15001f/rustix-1.0.3/src/cstr.rs

Source (jump to first uncovered line)
/// A macro for [`CStr`] literals.
///
/// This can make passing string literals to rustix APIs more efficient, since
/// most underlying system calls with string arguments expect NUL-terminated
/// strings, and passing strings to rustix as `CStr`s means that rustix doesn't
/// need to copy them into a separate buffer to NUL-terminate them.
///
/// In Rust ≥ 1.77, users can use [C-string literals] instead of this macro.
///
/// [`CStr`]: crate::ffi::CStr
/// [C-string literals]: https://blog.rust-lang.org/2024/03/21/Rust-1.77.0.html#c-string-literals
///
/// # Examples
///
/// ```
/// # #[cfg(feature = "fs")]
/// # fn main() -> rustix::io::Result<()> {
/// use rustix::cstr;
/// use rustix::fs::{statat, AtFlags, CWD};
///
/// let metadata = statat(CWD, cstr!("Cargo.toml"), AtFlags::empty())?;
/// # Ok(())
/// # }
/// # #[cfg(not(feature = "fs"))]
/// # fn main() {}
/// ```
#[allow(unused_macros)]
#[macro_export]
macro_rules! cstr {
    ($str:literal) => {{
        // Check for NUL manually, to ensure safety.
        //
        // In release builds, with strings that don't contain NULs, this
        // constant-folds away.
        //
        // We don't use std's `CStr::from_bytes_with_nul`; as of this writing,
        // that function isn't defined as `#[inline]` in std and doesn't
        // constant-fold away.
        assert!(
            !$str.bytes().any(|b| b == b'\0'),
            "cstr argument contains embedded NUL bytes",
        );

        #[allow(unsafe_code, unused_unsafe)]
        {
            // Now that we know the string doesn't have embedded NULs, we can
            // call `from_bytes_with_nul_unchecked`, which as of this writing
            // is defined as `#[inline]` and completely optimizes away.
            //
            // SAFETY: We have manually checked that the string does not
            // contain embedded NULs above, and we append or own NUL terminator
            // here.
            unsafe {
                $crate::ffi::CStr::from_bytes_with_nul_unchecked(concat!($str, "\0").as_bytes())
            }
        }
    }};
}

#[cfg(test)]
mod tests {
    #[allow(unused_imports)]
    use super::*;

    #[test]
    fn test_cstr() {
        use crate::ffi::CString;
        use alloc::borrow::ToOwned as _;
        assert_eq!(cstr!(""), &*CString::new("").unwrap());
        assert_eq!(cstr!("").to_owned(), CString::new("").unwrap());
        assert_eq!(cstr!("hello"), &*CString::new("hello").unwrap());
        assert_eq!(cstr!("hello").to_owned(), CString::new("hello").unwrap());
    }

    #[test]
    #[should_panic]
    fn test_invalid_cstr() {
        let _ = cstr!("hello\0world");
    }

    #[test]
    #[should_panic]
    fn test_invalid_empty_cstr() {
        let _ = cstr!("\0");
    }
}

Coverage Report

Created: 2025-06-02 07:01

Line	Count	Source (jump to first uncovered line)
1		/// A macro for [`CStr`] literals.
2		///
3		/// This can make passing string literals to rustix APIs more efficient, since
4		/// most underlying system calls with string arguments expect NUL-terminated
5		/// strings, and passing strings to rustix as `CStr`s means that rustix doesn't
6		/// need to copy them into a separate buffer to NUL-terminate them.
7		///
8		/// In Rust ≥ 1.77, users can use [C-string literals] instead of this macro.
9		///
10		/// [`CStr`]: crate::ffi::CStr
11		/// [C-string literals]: https://blog.rust-lang.org/2024/03/21/Rust-1.77.0.html#c-string-literals
12		///
13		/// # Examples
14		///
15		/// ```
16		/// # #[cfg(feature = "fs")]
17		/// # fn main() -> rustix::io::Result<()> {
18		/// use rustix::cstr;
19		/// use rustix::fs::{statat, AtFlags, CWD};
20		///
21		/// let metadata = statat(CWD, cstr!("Cargo.toml"), AtFlags::empty())?;
22		/// # Ok(())
23		/// # }
24		/// # #[cfg(not(feature = "fs"))]
25		/// # fn main() {}
26		/// ```
27		#[allow(unused_macros)]
28		#[macro_export]
29		macro_rules! cstr {
30		($str:literal) => {{
31		// Check for NUL manually, to ensure safety.
32		//
33		// In release builds, with strings that don't contain NULs, this
34		// constant-folds away.
35		//
36		// We don't use std's `CStr::from_bytes_with_nul`; as of this writing,
37		// that function isn't defined as `#[inline]` in std and doesn't
38		// constant-fold away.
39		assert!(
40	0	!$str.bytes().any(\|b\| b == b'\0'),
41		"cstr argument contains embedded NUL bytes",
42		);
43
44		#[allow(unsafe_code, unused_unsafe)]
45		{
46		// Now that we know the string doesn't have embedded NULs, we can
47		// call `from_bytes_with_nul_unchecked`, which as of this writing
48		// is defined as `#[inline]` and completely optimizes away.
49		//
50		// SAFETY: We have manually checked that the string does not
51		// contain embedded NULs above, and we append or own NUL terminator
52		// here.
53		unsafe {
54		$crate::ffi::CStr::from_bytes_with_nul_unchecked(concat!($str, "\0").as_bytes())
55		}
56		}
57		}};
58		}
59
60		#[cfg(test)]
61		mod tests {
62		#[allow(unused_imports)]
63		use super::*;
64
65		#[test]
66		fn test_cstr() {
67		use crate::ffi::CString;
68		use alloc::borrow::ToOwned as _;
69		assert_eq!(cstr!(""), &*CString::new("").unwrap());
70		assert_eq!(cstr!("").to_owned(), CString::new("").unwrap());
71		assert_eq!(cstr!("hello"), &*CString::new("hello").unwrap());
72		assert_eq!(cstr!("hello").to_owned(), CString::new("hello").unwrap());
73		}
74
75		#[test]
76		#[should_panic]
77		fn test_invalid_cstr() {
78		let _ = cstr!("hello\0world");
79		}
80
81		#[test]
82		#[should_panic]
83		fn test_invalid_empty_cstr() {
84		let _ = cstr!("\0");
85		}
86		}