Enforce unsafe surrounding block on safe-to-call functions

commit: 7be5b1f134433e1dc516c0dfcdd2ea64787a625a [log] [tgz]
author: David Tolnay <dtolnay@gmail.com> Wed Nov 11 10:48:32 2020 -0800
committer: David Tolnay <dtolnay@gmail.com> Wed Nov 11 11:09:33 2020 -0800
tree: 19cabcb3a7751e88ffe0725bdc9a8aef7b82e097
parent: 86857455387b4a986de763dd4084716481ece177 [diff]
diff --git a/syntax/parse.rs b/syntax/parse.rs
index b557584..9509bd8 100644
--- a/syntax/parse.rs
+++ b/syntax/parse.rs

@@ -204,7 +204,7 @@
         Lang::Rust => {
             if foreign_mod.unsafety.is_some() {
                 let unsafety = foreign_mod.unsafety;
-                let abi = foreign_mod.abi;
+                let abi = &foreign_mod.abi;
                 let span = quote!(#unsafety #abi);
                 cx.error(span, "extern \"Rust\" block does not need to be unsafe");
             }
@@ -253,6 +253,18 @@
         }
     }
 
+    if !trusted
+        && items.iter().any(|api| match api {
+            Api::CxxFunction(efn) => efn.unsafety.is_none(),
+            _ => false,
+        })
+    {
+        cx.error(
+            foreign_mod.abi,
+            "block must be declared `unsafe extern \"C++\"` if it contains any safe-to-call C++ functions",
+        );
+    }
+
     let mut types = items.iter().filter_map(|item| match item {
         Api::CxxType(ety) | Api::RustType(ety) => Some(&ety.name),
         Api::TypeAlias(alias) => Some(&alias.name),
commit	7be5b1f134433e1dc516c0dfcdd2ea64787a625a	[log] [tgz]
author	David Tolnay <dtolnay@gmail.com>	Wed Nov 11 10:48:32 2020 -0800
committer	David Tolnay <dtolnay@gmail.com>	Wed Nov 11 11:09:33 2020 -0800
tree	19cabcb3a7751e88ffe0725bdc9a8aef7b82e097
parent	86857455387b4a986de763dd4084716481ece177 [diff]