From: Matt Corallo <git@bluematt.me>
Date: Mon, 27 Sep 2021 23:24:43 +0000 (+0000)
Subject: Correct clone logic for `Str`.
X-Git-Tag: v0.0.101.3^0
X-Git-Url: http://git.bitcoin.ninja/index.cgi?p=ldk-c-bindings;a=commitdiff_plain;h=dde6026d418c42ca5f0030a856e1ec15a2aa4d55

Correct clone logic for `Str`.

Previously we'd blindly clone'd the fields, which, if
`data_is_owned` is set, will always result in a a double-free.

Instead, we always clone the underlying bytes, setting
`data_is_owned` on the returned value since its likely the caller
wants to hold onto the string outside of the current context.
---

diff --git a/lightning-c-bindings/src/c_types/mod.rs b/lightning-c-bindings/src/c_types/mod.rs
index 18d8a08..274981d 100644
--- a/lightning-c-bindings/src/c_types/mod.rs
+++ b/lightning-c-bindings/src/c_types/mod.rs
@@ -435,7 +435,6 @@ pub(crate) fn deserialize_obj_arg<A, I: lightning::util::ser::ReadableArgs<A>>(s
 }
 
 #[repr(C)]
-#[derive(Clone)]
 /// A Rust str object, ie a reference to a UTF8-valid string.
 /// This is *not* null-terminated so cannot be used directly as a C string!
 pub struct Str {
@@ -479,6 +478,11 @@ impl Into<Str> for String {
 		Str { chars: s.as_ptr(), len: s.len(), chars_is_owned: true }
 	}
 }
+impl Clone for Str {
+	fn clone(&self) -> Self {
+		self.into_str().clone().into()
+	}
+}
 
 impl Drop for Str {
 	fn drop(&mut self) {