0.4.1 (older version) Thoroughness: Medium Understanding: Medium
by MaulingMonkey on 2019-09-25
This review is from Crev, a distributed system for code reviews. To add your review, set up cargo-crev
.
The current version of crossterm_input is 0.5.0.
0.4.1 (older version) Thoroughness: Medium Understanding: Medium
by MaulingMonkey on 2019-09-25
Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories. There is absolutely no guarantee that the repository URL declared by the crate belongs to the crate, or that the code in the repository is the code inside the published tarball.
To review the actual code of the crate, it's best to use cargo crev open crossterm_input
. Alternatively, you can download the tarball of crossterm_input v0.5.0 or view the source online.
Pros:
Cons:
read == 0
?/dev/tty
access, but that's expectedsrc/input/unix_input.rs
.unwrap
Panic citysrc/input/windows_input.rs
unsafe { ... }
- willing to assume_getwche
is sound.unsafe { ... }
- unsound access of ORIG_MODE! [#245]unsafe { ... }
- unsound access of ORIG_MODE! [#245]unsafe { ... }
-KeyEventRecord::from(*input.event.KeyEvent())
is probably sound/safe?unsafe { ... }
-MouseEvent::from(*input.event.MouseEvent())
is probably sound/safe?unsafe { ... }
-KeyEventRecord::from(*input.event.KeyEvent())
is probably sound/safe?unsafe { ... }
-MouseEvent::from(*input.event.MouseEvent())
is probably sound/safe?unsafe { ... }
assumes UnicodeChar is valid. Private fn only called on win32 results... technically unsound of winapi only populated AsciiChar, but that would be super dumb.src/sys/unix.rs
unsafe { ... }
looks soundread == 0
can probably happen when pipe broken? generates extra ' '?Issue: High (github.com/crossterm-rs/crossterm/issues/245)
Unguarded access of static mut ORIG_MODE is unsound