Mitigate UB

Author: jorgecarleitao

src/fixed.rs

@@ -32,9 +32,15 @@ pub trait FixedInt: Sized + Copy {
     /// on big-endian machines). If you receive a big-endian integer, and would like it to be
     /// treated correctly, use this helper method to convert between endiannesses.
     fn switch_endianness(self) -> Self {
+        // an implementation of `FixedInt` may not provide the correct space,
+        // resulting in UB.
+        assert_eq!(size_of::<Self>(), Self::REQUIRED_SPACE);
         // Switch to intrinsic bswap when out of nightly.
         unsafe {
-            let sl = std::slice::from_raw_parts_mut(transmute::<&Self, *mut u8>(&self), Self::REQUIRED_SPACE);
+            let sl = std::slice::from_raw_parts_mut(
+                transmute::<&Self, *mut u8>(&self),
+                Self::REQUIRED_SPACE,
+            );
             sl.reverse();
             *transmute::<*const u8, &Self>(sl.as_ptr())
         }

src/fixed_tests.rs

@@ -75,6 +75,33 @@ mod tests {
     }
     */
 
+    #[should_panic]
+    #[test]
+    fn test_switch() {
+        impl FixedInt for i128 {
+            const REQUIRED_SPACE: usize = 256;
+
+            fn required_space() -> usize {
+                todo!()
+            }
+
+            fn encode_fixed(self, dst: &mut [u8]) {
+                todo!()
+            }
+
+            fn decode_fixed(src: &[u8]) -> Self {
+                todo!()
+            }
+
+            fn encode_fixed_light<'a>(&'a self) -> &'a [u8] {
+                todo!()
+            }
+        }
+
+        let int = -32767i128;
+        let int = int.switch_endianness();
+    }
+
     #[test]
     fn test_i32_enc_light() {
         let int = -32767 as i32;