This review is from Crev, a distributed system for code reviews. To add your review, set up cargo-crev.

The current version of crossterm_cursor is 0.4.0.

0.3.1 (older version) Rating: Negative Thoroughness: Medium Understanding: Medium

by MaulingMonkey on 2019-09-26

Pros:

  • Cross platform

Cons:

  • Soundness issues
  • Data races
File Rating Notes
.github/CODEOWNERS +1
docs/CONTRIBUTING.md +1
src/cursor/ansi_cursor.rs +1
src/cursor/cursor.rs +1
src/cursor/winapi_cursor.rs +1
src/sys/unix.rs -1 [#199] 45: Getting the cursor pos can drop stdin data
src/sys/winapi.rs -1 [#245, #252] Multiple soundness issues
src/cursor.rs +1
src/lib.rs +1
src/sys.rs +1
.cargo_vcs_info.json +1
.cargo-ok +1
.gitignore +1
.travis.yml +1
Cargo.toml +1 MIT, dep: winapi
Cargo.toml.orig +1 MIT, dep: winapi
CHANGELOG.md +1
LICENSE +1 MIT
README.md +1
Other Rating Notes
unsafe -1 Soundness issues
fs +1 None
io 0 Drops stdin
docs +1
tests +1

src/sys/winapi.rs

Line What Notes
26 unsafe mut SAVED_CURSOR_POS -1, [#245] Access to static mut is unguarded! Undefined behavior! Unsound!
68 fn Cursor::goto 0, [#252] unsafe { ... } - would be valid if screen buffer handle was guaranteed valid
86 fn Cursor::set_visibility 0, [#252] unsafe { ... } - would be valid if screen buffer handle was guaranteed valid
101 fn Cursor::restore_cursor_pos -1, [#245] Access to static mut is unguarded! Undefined behavior! Unsound!
114 fn Cursor::save_cursor_pos -1, [#245] Access to static mut is unguarded! Undefined behavior! Unsound!
121 impl From for Cusror ??, [#252] Not sure if Handle is guaranteed to be valid
129 impl From for Cursor -1, [#252] no guarantee HANDLE is valid, unsound!

Lib.rs has been able to verify that all files in the crate's tarball are in the crate's repository with a git tag matching the version. Please note that this check is still in beta, and absence of this confirmation does not mean that the files don't match.

Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories, so there is a possibility that published crates have a misleading repository URL, or contain different code from the code in the repository.

To review the actual code of the crate, it's best to use cargo crev open crossterm_cursor. Alternatively, you can download the tarball of crossterm_cursor v0.4.0 or view the source online.