Destabilize the Error::type_id function

This commit destabilizes the `Error::type_id` function in the standard library. This does so by effectively reverting #58048, restoring the `#[unstable]` attribute. The security mailing list has recently been notified of a vulnerability relating to the stabilization of this function. First stabilized in Rust 1.34.0, a stable function here allows users to implement a custom return value for this function: struct MyType; impl Error for MyType { fn type_id(&self) -> TypeId { // Enable safe casting to `String` by accident. TypeId::of::<String>() } } This, when combined with the `Error::downcast` family of functions, allows safely casting a type to any other type, clearly a memory safety issue! A security announcement will be shortly posted to the security mailing list as well as the Rust Blog, and when those links are available they'll be filled in for this PR as well. This commit simply destabilizes the `Error::type_id` which, although breaking for users since Rust 1.34.0, is hoped to have little impact and has been deemed sufficient to mitigate this issue for the stable channel. The long-term fate of the `Error::type_id` API will be discussed at #60784.
rust-lang · bors · May 13, 2019 · May 13, 2019 · May 13, 2019 · May 13, 2019
commit 0c235ed9b99a96ceb8dc6eab19cbc4f8fdb9454e
diff --git a/src/libstd/error.rs b/src/libstd/error.rs
@@ -196,7 +196,10 @@ pub trait Error: Debug + Display {
     fn source(&self) -> Option<&(dyn Error + 'static)> { None }
 
     /// Gets the `TypeId` of `self`
-    #[stable(feature = "error_type_id", since = "1.34.0")]
+    #[doc(hidden)]
+    #[unstable(feature = "error_type_id",
+               reason = "this is memory unsafe to override in user code",
+               issue = "60784")]
     fn type_id(&self) -> TypeId where Self: 'static {
         TypeId::of::<Self>()
     }