
Different kinds of validation?


Posted Sep 23, 2025 9:20 UTC (Tue) by farnz (subscriber, #17727)
In reply to: Different kinds of validation? by taladar
Parent article: Tracking trust with Rust in the kernel

That's a related problem, solved already (as you've shown) by the newtype pattern.

Untrusted<T> is closer to the way &str relates to &[u8]; a string slice is a byte slice with the additional promise on top that it's valid UTF-8. In this analogy, Untrusted<T> is to T as &[u8] is to &str; you may "know" that this "should" be a safe string, but you have to actually validate it to use it (like you would with str::from_utf8 if you were dealing with byte slices).


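The analogy in the comment above, as an added Rust sketch that is not part of the comment and is not the kernel's `Untrusted<T>` API: the wrapper, its `validate` method, `Record`, `check_record` and `parse_record` are hypothetical names, and the wire format and byte arrays are constructed samples.

```rust
/// Hypothetical wrapper, not the kernel's API: the field is private and there
/// is no Deref, so the only way to reach the value is through `validate`.
pub struct Untrusted<T>(T);

impl<T> Untrusted<T> {
    pub fn new(value: T) -> Self {
        Untrusted(value)
    }

    /// Consume the wrapper; the caller gets either a checked value or an error.
    pub fn validate<V, E>(self, check: impl FnOnce(T) -> Result<V, E>) -> Result<V, E> {
        check(self.0)
    }
}

/// The validated form: `name` is in bounds and valid UTF-8 by construction.
#[derive(Debug, PartialEq)]
pub struct Record<'a> {
    pub name: &'a str,
}

#[derive(Debug, PartialEq)]
pub enum ParseError {
    Truncated,
    BadLength,
    NotUtf8,
}

/// Constructed wire format: one length byte followed by that many name bytes.
fn check_record(bytes: &[u8]) -> Result<Record<'_>, ParseError> {
    let (&len, rest) = bytes.split_first().ok_or(ParseError::Truncated)?;
    let body = rest.get(..usize::from(len)).ok_or(ParseError::BadLength)?;
    // The &[u8] -> &str step: the UTF-8 promise exists only after this check.
    let name = std::str::from_utf8(body).map_err(|_| ParseError::NotUtf8)?;
    Ok(Record { name })
}

pub fn parse_record(raw: Untrusted<&[u8]>) -> Result<Record<'_>, ParseError> {
    raw.validate(check_record)
}

fn main() {
    // Constructed inputs: well-formed, length past the end, invalid UTF-8.
    let samples: [&[u8]; 3] = [&[3, b'e', b't', b'h', 0xff], &[9, b'e', b't', b'h'], &[2, 0xc3, 0x28]];
    for s in samples {
        println!("{:?}", parse_record(Untrusted::new(s)));
    }
}
```

Code that receives a `Record` never sees the raw bytes, so the length and UTF-8 checks cannot be skipped by a caller further down.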

Different kinds of validation?

Posted Sep 24, 2025 7:46 UTC (Wed) by taladar (subscriber, #68407)

So you are talking about e.g. a &str that you think is HTML but you have to parse it to validate that it has the correct structure and preserves invariants?


Copyright © 2025, Eklektix, Inc.