unsafe-rust: add explanatory commentary to solution #3064

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

mgeisler merged 1 commit into main from solution-unsafe-rust

Feb 12, 2026

src/unsafe-rust/solution.md

-Original file line number
+Diff line change
@@ Expand Up / @@ -3,3 +3,28 @@ @@
     ```rust,editable
     {{#include exercise.rs:solution}}
     ```
+    - **Safety Comments:** Each `unsafe` block is preceded by a `// SAFETY:` comment
+      explaining why the operation is safe. This is standard practice in Rust to aid
+      auditing.
+    - **String conversions:** The code demonstrates the conversions required for
+      FFI:
+      - `&str` -> `CString`: To create a null-terminated string for C.
+      - `CString` -> `*const c_char`: To pass the pointer to C.
+      - `*const c_char` -> `&CStr`: To wrap the returned C string.
+      - `&CStr` -> `&[u8]` -> `&OsStr` -> `OsString`: To convert the bytes back to a
+        Rust OS string.
+    - **RAII (`Drop`):** We implement `Drop` to call `closedir` automatically when
+      the iterator goes out of scope. This ensures we don't leak file descriptors.
+    - **Iterator Interface:** We wrap the C API in a Rust `Iterator`, providing a
+      safe and idiomatic interface (`next` returns `Option<OsString>`) to the
+      underlying unsafe C functions.
+    <details>
+    - Explain that `CString` owns the data (like `String`), while `CStr` is a
+      borrowed reference (like `&str`).
+    - The `OsStrExt` trait is needed on Unix systems to convert bytes directly to
+      `OsStr`.
+    </details>

Provide feedback