From 1b32fea9f8a65eb207156b614c7650275d1504c8 Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Mon, 20 May 2024 14:24:19 -0700
Subject: [PATCH 1/3] Increase MSRV to 1.38 so we can use safer pointer casts.

---
 .clippy.toml                | 2 +-
 .github/workflows/tests.yml | 2 +-
 CHANGELOG.md                | 7 +++++++
 README.md                   | 2 +-
 4 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/.clippy.toml b/.clippy.toml
index 992016c2..749c3b58 100644
--- a/.clippy.toml
+++ b/.clippy.toml
@@ -1 +1 @@
-msrv = "1.36"
+msrv = "1.38"
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 40db0124..6847a4e7 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -44,7 +44,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-22.04, windows-2022]
-        toolchain: [nightly, beta, stable, 1.36]
+        toolchain: [nightly, beta, stable, 1.38]
         # Only Test macOS on stable to reduce macOS CI jobs
         include:
           # x86_64-apple-darwin.
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b6763b58..d32a369e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
+### Breaking Changes
+- Update MSRV to 1.38 [#425]
+
+[#425]: https://github.com/rust-random/getrandom/pull/425
+
 ## [0.2.15] - 2024-05-06
 ### Added
 - Apple visionOS support [#410]
diff --git a/README.md b/README.md
index b4b5a2b5..fcebbafa 100644
--- a/README.md
+++ b/README.md
@@ -52,7 +52,7 @@ crate features, WASM support and Custom RNGs see the
 
 ## Minimum Supported Rust Version
 
-This crate requires Rust 1.36.0 or later.
+This crate requires Rust 1.38.0 or later.
 
 ## Platform Support
 

From bdf0d716442eae47d58c1802ec264ea9217f042a Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Mon, 20 May 2024 12:54:00 -0700
Subject: [PATCH 2/3] Use `p.cast::<T>()` instead of as `as *mut T`.

---
 src/apple-other.rs | 2 +-
 src/error.rs       | 2 +-
 src/fuchsia.rs     | 2 +-
 src/getentropy.rs  | 4 ++--
 src/getrandom.rs   | 4 ++--
 src/hermit.rs      | 2 +-
 src/js.rs          | 4 ++--
 src/netbsd.rs      | 4 ++--
 src/solaris.rs     | 4 ++--
 src/solid.rs       | 2 +-
 src/use_file.rs    | 3 ++-
 src/util_libc.rs   | 2 +-
 src/vxworks.rs     | 2 +-
 src/wasi.rs        | 2 +-
 src/windows.rs     | 7 ++++---
 15 files changed, 24 insertions(+), 22 deletions(-)

diff --git a/src/apple-other.rs b/src/apple-other.rs
index 167d8cf0..e54b4cb2 100644
--- a/src/apple-other.rs
+++ b/src/apple-other.rs
@@ -14,7 +14,7 @@ extern "C" {
 }
 
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    let ret = unsafe { CCRandomGenerateBytes(dest.as_mut_ptr() as *mut c_void, dest.len()) };
+    let ret = unsafe { CCRandomGenerateBytes(dest.as_mut_ptr().cast::<c_void>(), dest.len()) };
     // kCCSuccess (from CommonCryptoError.h) is always zero.
     if ret != 0 {
         Err(Error::IOS_SEC_RANDOM)
diff --git a/src/error.rs b/src/error.rs
index 13c81c7a..5dc45110 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -99,7 +99,7 @@ impl Error {
 cfg_if! {
     if #[cfg(unix)] {
         fn os_err(errno: i32, buf: &mut [u8]) -> Option<&str> {
-            let buf_ptr = buf.as_mut_ptr() as *mut libc::c_char;
+            let buf_ptr = buf.as_mut_ptr().cast::<libc::c_char>();
             if unsafe { libc::strerror_r(errno, buf_ptr, buf.len()) } != 0 {
                 return None;
             }
diff --git a/src/fuchsia.rs b/src/fuchsia.rs
index 11970685..22ae7796 100644
--- a/src/fuchsia.rs
+++ b/src/fuchsia.rs
@@ -8,6 +8,6 @@ extern "C" {
 }
 
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    unsafe { zx_cprng_draw(dest.as_mut_ptr() as *mut u8, dest.len()) }
+    unsafe { zx_cprng_draw(dest.as_mut_ptr().cast::<u8>(), dest.len()) }
     Ok(())
 }
diff --git a/src/getentropy.rs b/src/getentropy.rs
index 41bab8fe..eee47403 100644
--- a/src/getentropy.rs
+++ b/src/getentropy.rs
@@ -8,11 +8,11 @@
 //!
 //! For these targets, we use getentropy(2) because getrandom(2) doesn't exist.
 use crate::{util_libc::last_os_error, Error};
-use core::mem::MaybeUninit;
+use core::{ffi::c_void, mem::MaybeUninit};
 
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
     for chunk in dest.chunks_mut(256) {
-        let ret = unsafe { libc::getentropy(chunk.as_mut_ptr() as *mut libc::c_void, chunk.len()) };
+        let ret = unsafe { libc::getentropy(chunk.as_mut_ptr().cast::<c_void>(), chunk.len()) };
         if ret != 0 {
             return Err(last_os_error());
         }
diff --git a/src/getrandom.rs b/src/getrandom.rs
index bc583653..88c077c6 100644
--- a/src/getrandom.rs
+++ b/src/getrandom.rs
@@ -16,10 +16,10 @@
 //! nothing. On illumos, the default pool is used to implement getentropy(2),
 //! so we assume it is acceptable here.
 use crate::{util_libc::sys_fill_exact, Error};
-use core::mem::MaybeUninit;
+use core::{ffi::c_void, mem::MaybeUninit};
 
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
     sys_fill_exact(dest, |buf| unsafe {
-        libc::getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
+        libc::getrandom(buf.as_mut_ptr().cast::<c_void>(), buf.len(), 0)
     })
 }
diff --git a/src/hermit.rs b/src/hermit.rs
index c4f61941..d797f74a 100644
--- a/src/hermit.rs
+++ b/src/hermit.rs
@@ -13,7 +13,7 @@ extern "C" {
 
 pub fn getrandom_inner(mut dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
     while !dest.is_empty() {
-        let res = unsafe { sys_read_entropy(dest.as_mut_ptr() as *mut u8, dest.len(), 0) };
+        let res = unsafe { sys_read_entropy(dest.as_mut_ptr().cast::<u8>(), dest.len(), 0) };
         // Positive `isize`s can be safely casted to `usize`
         if res > 0 && (res as usize) <= dest.len() {
             dest = &mut dest[res as usize..];
diff --git a/src/js.rs b/src/js.rs
index e5428f50..bec31ee5 100644
--- a/src/js.rs
+++ b/src/js.rs
@@ -40,7 +40,7 @@ pub(crate) fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error>
                     // have a notion of "uninitialized memory", this is purely
                     // a Rust/C/C++ concept.
                     let res = n.random_fill_sync(unsafe {
-                        Uint8Array::view_mut_raw(chunk.as_mut_ptr() as *mut u8, chunk.len())
+                        Uint8Array::view_mut_raw(chunk.as_mut_ptr().cast::<u8>(), chunk.len())
                     });
                     if res.is_err() {
                         return Err(Error::NODE_RANDOM_FILL_SYNC);
@@ -60,7 +60,7 @@ pub(crate) fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error>
                     }
 
                     // SAFETY: `sub_buf`'s length is the same length as `chunk`
-                    unsafe { sub_buf.raw_copy_to_ptr(chunk.as_mut_ptr() as *mut u8) };
+                    unsafe { sub_buf.raw_copy_to_ptr(chunk.as_mut_ptr().cast::<u8>()) };
                 }
             }
         };
diff --git a/src/netbsd.rs b/src/netbsd.rs
index 4211a865..0ad20b71 100644
--- a/src/netbsd.rs
+++ b/src/netbsd.rs
@@ -9,7 +9,7 @@ fn kern_arnd(buf: &mut [MaybeUninit<u8>]) -> libc::ssize_t {
         libc::sysctl(
             MIB.as_ptr(),
             MIB.len() as libc::c_uint,
-            buf.as_mut_ptr() as *mut _,
+            buf.as_mut_ptr().cast::<c_void>(),
             &mut len,
             ptr::null(),
             0,
@@ -38,7 +38,7 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
     if !fptr.is_null() {
         let func: GetRandomFn = unsafe { core::mem::transmute(fptr) };
         return sys_fill_exact(dest, |buf| unsafe {
-            func(buf.as_mut_ptr() as *mut u8, buf.len(), 0)
+            func(buf.as_mut_ptr().cast::<u8>(), buf.len(), 0)
         });
     }
 
diff --git a/src/solaris.rs b/src/solaris.rs
index 8a3401e0..c96ae2a3 100644
--- a/src/solaris.rs
+++ b/src/solaris.rs
@@ -13,13 +13,13 @@
 //! https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2
 //! which also explains why this crate should not use getentropy(2).
 use crate::{util_libc::last_os_error, Error};
-use core::mem::MaybeUninit;
+use core::{ffi::c_void, mem::MaybeUninit};
 
 const MAX_BYTES: usize = 1024;
 
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
     for chunk in dest.chunks_mut(MAX_BYTES) {
-        let ptr = chunk.as_mut_ptr() as *mut libc::c_void;
+        let ptr = chunk.as_mut_ptr().cast::<c_void>();
         let ret = unsafe { libc::getrandom(ptr, chunk.len(), libc::GRND_RANDOM) };
         // In case the man page has a typo, we also check for negative ret.
         if ret <= 0 {
diff --git a/src/solid.rs b/src/solid.rs
index cae8caf6..56a47eeb 100644
--- a/src/solid.rs
+++ b/src/solid.rs
@@ -7,7 +7,7 @@ extern "C" {
 }
 
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    let ret = unsafe { SOLID_RNG_SampleRandomBytes(dest.as_mut_ptr() as *mut u8, dest.len()) };
+    let ret = unsafe { SOLID_RNG_SampleRandomBytes(dest.as_mut_ptr().cast::<u8>(), dest.len()) };
     if ret >= 0 {
         Ok(())
     } else {
diff --git a/src/use_file.rs b/src/use_file.rs
index bd643ae5..d2fe244f 100644
--- a/src/use_file.rs
+++ b/src/use_file.rs
@@ -5,6 +5,7 @@ use crate::{
 };
 use core::{
     cell::UnsafeCell,
+    ffi::c_void,
     mem::MaybeUninit,
     sync::atomic::{AtomicUsize, Ordering::Relaxed},
 };
@@ -21,7 +22,7 @@ const FD_UNINIT: usize = usize::max_value();
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
     let fd = get_rng_fd()?;
     sys_fill_exact(dest, |buf| unsafe {
-        libc::read(fd, buf.as_mut_ptr() as *mut libc::c_void, buf.len())
+        libc::read(fd, buf.as_mut_ptr().cast::<c_void>(), buf.len())
     })
 }
 
diff --git a/src/util_libc.rs b/src/util_libc.rs
index 765d5fd4..7abd590f 100644
--- a/src/util_libc.rs
+++ b/src/util_libc.rs
@@ -92,7 +92,7 @@ pub fn getrandom_syscall(buf: &mut [MaybeUninit<u8>]) -> libc::ssize_t {
     unsafe {
         libc::syscall(
             libc::SYS_getrandom,
-            buf.as_mut_ptr() as *mut libc::c_void,
+            buf.as_mut_ptr().cast::<core::ffi::c_void>(),
             buf.len(),
             0,
         ) as libc::ssize_t
diff --git a/src/vxworks.rs b/src/vxworks.rs
index 7ca9d6bf..5c75847b 100644
--- a/src/vxworks.rs
+++ b/src/vxworks.rs
@@ -20,7 +20,7 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
 
     // Prevent overflow of i32
     for chunk in dest.chunks_mut(i32::max_value() as usize) {
-        let ret = unsafe { libc::randABytes(chunk.as_mut_ptr() as *mut u8, chunk.len() as i32) };
+        let ret = unsafe { libc::randABytes(chunk.as_mut_ptr().cast::<u8>(), chunk.len() as i32) };
         if ret != 0 {
             return Err(last_os_error());
         }
diff --git a/src/wasi.rs b/src/wasi.rs
index d6c8a912..a5b23070 100644
--- a/src/wasi.rs
+++ b/src/wasi.rs
@@ -7,7 +7,7 @@ use core::{
 use wasi::random_get;
 
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    unsafe { random_get(dest.as_mut_ptr() as *mut u8, dest.len()) }.map_err(|e| {
+    unsafe { random_get(dest.as_mut_ptr().cast::<u8>(), dest.len()) }.map_err(|e| {
         // The WASI errno will always be non-zero, but we check just in case.
         match NonZeroU16::new(e.raw()) {
             Some(r) => Error::from(NonZeroU32::from(r)),
diff --git a/src/windows.rs b/src/windows.rs
index 2d1c4835..0aa8dde2 100644
--- a/src/windows.rs
+++ b/src/windows.rs
@@ -29,7 +29,7 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
         let ret = unsafe {
             BCryptGenRandom(
                 ptr::null_mut(),
-                chunk.as_mut_ptr() as *mut u8,
+                chunk.as_mut_ptr().cast::<u8>(),
                 chunk.len() as u32,
                 BCRYPT_USE_SYSTEM_PREFERRED_RNG,
             )
@@ -39,8 +39,9 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
             // Failed. Try RtlGenRandom as a fallback.
             #[cfg(not(target_vendor = "uwp"))]
             {
-                let ret =
-                    unsafe { RtlGenRandom(chunk.as_mut_ptr() as *mut c_void, chunk.len() as u32) };
+                let ret = unsafe {
+                    RtlGenRandom(chunk.as_mut_ptr().cast::<c_void>(), chunk.len() as u32)
+                };
                 if ret != 0 {
                     continue;
                 }

From 13bf894786790c6a26f9ab5aa5c94e82a0cbffaf Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Mon, 20 May 2024 13:37:25 -0700
Subject: [PATCH 3/3] Use `p.cast::<T>()` instead of `as *const T`.

---
 src/netbsd.rs    | 2 +-
 src/util_libc.rs | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/netbsd.rs b/src/netbsd.rs
index 0ad20b71..c4ea75e4 100644
--- a/src/netbsd.rs
+++ b/src/netbsd.rs
@@ -29,7 +29,7 @@ static GETRANDOM: LazyPtr = LazyPtr::new();
 
 fn dlsym_getrandom() -> *mut c_void {
     static NAME: &[u8] = b"getrandom\0";
-    let name_ptr = NAME.as_ptr() as *const libc::c_char;
+    let name_ptr = NAME.as_ptr().cast::<libc::c_char>();
     unsafe { libc::dlsym(libc::RTLD_DEFAULT, name_ptr) }
 }
 
diff --git a/src/util_libc.rs b/src/util_libc.rs
index 7abd590f..1d6bf9a2 100644
--- a/src/util_libc.rs
+++ b/src/util_libc.rs
@@ -74,7 +74,10 @@ pub fn sys_fill_exact(
 pub unsafe fn open_readonly(path: &str) -> Result<libc::c_int, Error> {
     debug_assert_eq!(path.as_bytes().last(), Some(&0));
     loop {
-        let fd = libc::open(path.as_ptr() as *const _, libc::O_RDONLY | libc::O_CLOEXEC);
+        let fd = libc::open(
+            path.as_ptr().cast::<libc::c_char>(),
+            libc::O_RDONLY | libc::O_CLOEXEC,
+        );
         if fd >= 0 {
             return Ok(fd);
         }