Update unsound DrainFilter and RString::retain

[Qwaz]

Hello, we (Rust group @sslab-gatech) found a memory-safety/soundness issue in this crate while scanning Rust code on crates.io for potential vulnerabilities.

abi_stable_crates/abi_stable/src/std_types/vec/iters.rs

Lines 292 to 320 in 2bff3b3

	impl<T, F> Iterator for DrainFilter<'_, T, F>
	where F: FnMut(&mut T) -> bool,
	{
	type Item = T;
	fn next(&mut self) -> Option<T> {
	unsafe {
	while self.idx != self.old_len {
	let i = self.idx;
	self.idx += 1;
	let v = slice::from_raw_parts_mut(self.vec.as_mut_ptr(), self.old_len);
	if (self.pred)(&mut v[i]) {
	self.del += 1;
	return Some(ptr::read(&v[i]));
	} else if self.del > 0 {
	let del = self.del;
	let src: *const T = &v[i];
	let dst: *mut T = &mut v[i - del];
	ptr::copy_nonoverlapping(src, dst, 1);
	}
	}
	None
	}
	}
	fn size_hint(&self) -> (usize, Option<usize>) {
	(0, Some(self.old_len - self.idx))
	}
	}

abi_stable_crates/abi_stable/src/std_types/string.rs

Lines 636 to 670 in 2bff3b3

	#[inline]
	pub fn retain<F>(&mut self, mut pred: F)
	where F: FnMut(char) -> bool
	{
	// literal copy-paste of std,so if this is wrong std is wrong.
	let len = self.len();
	let mut del_bytes = 0;
	let mut idx = 0;
	while idx < len {
	let ch = unsafe {
	self.get_unchecked(idx..len).chars().next().unwrap()
	};
	let ch_len = ch.len_utf8();
	if !pred(ch) {
	del_bytes += ch_len;
	} else if del_bytes > 0 {
	unsafe {
	ptr::copy(
	self.inner.as_ptr().add(idx),
	self.inner.as_mut_ptr().add(idx - del_bytes),
	ch_len
	);
	}
	}
	idx += ch_len;
	}
	if del_bytes > 0 {
	unsafe { self.inner.set_len(len - del_bytes); }
	}
	}

These two implementations are copy-pasted from Rust's standard library, and unfortunately it turns out that std implementations were containing soundness bugs (rust-lang/rust#60977 and rust-lang/rust#78498, respectively). Could you check them and update the respective part of this crate?

[rodrimati1992]

That you for reporting this, I'll be making the 0.9.1 patch in the 0_9_patch branch. I'll wait at least 18 hours before releasing the patch.

[Qwaz]

Thank you for the quick fix!

[rodrimati1992]

I've released the patch for this, so I'm closing this now.
https://github.com/rodrimati1992/abi_stable_crates/releases/tag/0.9.1
https://crates.io/crates/abi_stable/0.9.1