From ad8fb411030d4ce375261aec41ef7235edae5309 Mon Sep 17 00:00:00 2001
From: Alice Ryhl <alice@ryhl.io>
Date: Fri, 15 Jan 2021 00:09:07 +0100
Subject: [PATCH] io: fix unsoundness in read_to_end (#3428)

---
 .github/workflows/ci.yml         | 4 ++--
 tokio/src/io/util/read_to_end.rs | 5 ++---
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index dd4972ed0..c8640a9af 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,8 +1,8 @@
 on:
   push:
-    branches: ["master"]
+    branches: ["master", "tokio-*.x"]
   pull_request:
-    branches: ["master"]
+    branches: ["master", "tokio-*.x"]
 
 name: CI
 
diff --git a/tokio/src/io/util/read_to_end.rs b/tokio/src/io/util/read_to_end.rs
index f40d148e2..1aee6810e 100644
--- a/tokio/src/io/util/read_to_end.rs
+++ b/tokio/src/io/util/read_to_end.rs
@@ -72,14 +72,13 @@ fn poll_read_to_end<R: AsyncRead + ?Sized>(
 
     let mut unused_capacity = ReadBuf::uninit(get_unused_capacity(buf));
 
+    let ptr = unused_capacity.filled().as_ptr();
     ready!(read.poll_read(cx, &mut unused_capacity))?;
+    assert_eq!(ptr, unused_capacity.filled().as_ptr());
 
     let n = unused_capacity.filled().len();
     let new_len = buf.len() + n;
 
-    // This should no longer even be possible in safe Rust. An implementor
-    // would need to have unsafely *replaced* the buffer inside `ReadBuf`,
-    // which... yolo?
     assert!(new_len <= buf.capacity());
     unsafe {
         buf.set_len(new_len);