[libvirt] [PATCH Rust 3/4] fix pointer type of macro used to convert rs string to c string

[Sahid Orentino Ferdjaoui]

In this commit we also add todo and warning to avoid using them +
remove them in future.

Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui at canonical.com>
---
 src/lib.rs | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/src/lib.rs b/src/lib.rs
index 77bf4a9..64d49cd 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -99,12 +99,31 @@ macro_rules! c_chars_to_string {
 
 }
 
+// Those two macros are not completely safe and we should probably
+// stop using them to avoid possibility of pointers dangling. The
+// memory may be freed too early.
+//
+// To avoid that, the right pattern would be:
+//
+// let cstring = CString::new(rs_string).unwrap();
+// unsafe {
+//   some_c_function(cstring.as_ptr() as *const libc::c_char);
+// }
+//
+// So we ensure the pointer passed to 'some_c_function()' will live
+// until 'cstring' exists.
+//
+// TODO(sahid): fix code + remove macros.
+
 macro_rules! string_to_c_chars {
-    ($x:expr) => (::std::ffi::CString::new($x).unwrap().as_ptr())
+    ($x:expr) => (
+        ::std::ffi::CString::new($x).unwrap().as_ptr() as *const libc::c_char)
 }
 
 macro_rules! string_to_mut_c_chars {
-    ($x:expr) => (::std::ffi::CString::new($x).unwrap().into_raw())
+    ($x:expr) => (
+        // Usage of this should ensure deallocation.
+        ::std::ffi::CString::new($x).unwrap().into_raw() as *mut libc::c_char)
 }
 
 macro_rules! impl_from {
-- 
2.17.1