Conversation
grenade
added a commit
to grenade/vortex
that referenced
this pull request
Apr 5, 2026
- Add bounds check before slicing buffer in disk read completion handler (event_loop.rs). Logs error instead of panicking when end_idx exceeds buffer length. - Guard Buffer::drop panic with std::thread::panicking() to prevent double-panic abort. Follows the same pattern already applied to BufferRing::drop in PR Nehliin#95.
grenade
added a commit
to grenade/vortex
that referenced
this pull request
Apr 9, 2026
- Add bounds check before slicing buffer in disk read completion handler (event_loop.rs). Logs error instead of panicking when end_idx exceeds buffer length. - Guard Buffer::drop panic with std::thread::panicking() to prevent double-panic abort. Follows the same pattern already applied to BufferRing::drop in PR Nehliin#95.
grenade
added a commit
to grenade/vortex
that referenced
this pull request
Apr 13, 2026
The end_idx computation used piece_len.min(SUBPIECE_SIZE) which always resolved to SUBPIECE_SIZE (16384) for normal pieces. When piece_length is not a multiple of SUBPIECE_SIZE (e.g. 1986560 = 121*16384 + 4096), the last subpiece starts at offset 1982464 and is only 4096 bytes, but end_idx was computed as 1982464 + 16384 = 1998848, overflowing the buffer of 1986560 bytes. Fix: cap end_idx at piece_len instead of adding a fixed SUBPIECE_SIZE. The buf_pool.rs panicking() guard (matching the existing BufferRing::drop pattern from PR Nehliin#95) is retained as defense-in-depth. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Nehliin
pushed a commit
that referenced
this pull request
Apr 14, 2026
…124) * fix: correct subpiece slice bounds for non-power-of-2 piece lengths The end_idx computation used piece_len.min(SUBPIECE_SIZE) which always resolved to SUBPIECE_SIZE (16384) for normal pieces. When piece_length is not a multiple of SUBPIECE_SIZE (e.g. 1986560 = 121*16384 + 4096), the last subpiece starts at offset 1982464 and is only 4096 bytes, but end_idx was computed as 1982464 + 16384 = 1998848, overflowing the buffer of 1986560 bytes. Fix: cap end_idx at piece_len instead of adding a fixed SUBPIECE_SIZE. The buf_pool.rs panicking() guard (matching the existing BufferRing::drop pattern from PR #95) is retained as defense-in-depth. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * style: fix rustfmt formatting in event_loop.rs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
the check in the destructor is only there for non panicking code that forgets to unregister the buffer