Fix not passing null pointers to ocalls for empty slices

It gets a non-null fat pointer when an empty slice simply calls as_ptr
or as_mut_ptr.

src/libos/src/fs/dev_fs/dev_random.rs

@@ -9,8 +9,7 @@ extern "C" {
 
 impl File for DevRandom {
     fn read(&self, _buf: &mut [u8]) -> Result<usize> {
-        let buf = _buf.as_mut_ptr();
-        let size = _buf.len();
+        let (buf, size) = _buf.as_mut().as_mut_ptr_and_len();
         let status = unsafe { sgx_read_rand(buf, size) };
         if status != sgx_status_t::SGX_SUCCESS {
             return_errno!(EAGAIN, "failed to get random number from sgx");

src/libos/src/fs/event_file.rs

@@ -47,20 +47,23 @@ impl Drop for EventFile {
 
 impl File for EventFile {
     fn read(&self, buf: &mut [u8]) -> Result<usize> {
+        let (buf_ptr, buf_len) = buf.as_mut().as_mut_ptr_and_len();
+
         let ret = try_libc!(libc::ocall::read(
             self.host_fd,
-            buf.as_mut_ptr() as *mut c_void,
-            buf.len()
+            buf_ptr as *mut c_void,
+            buf_len
         )) as usize;
         assert!(ret <= buf.len());
         Ok(ret)
     }
 
     fn write(&self, buf: &[u8]) -> Result<usize> {
+        let (buf_ptr, buf_len) = buf.as_ptr_and_len();
         let ret = try_libc!(libc::ocall::write(
             self.host_fd,
-            buf.as_ptr() as *const c_void,
-            buf.len()
+            buf_ptr as *const c_void,
+            buf_len
         )) as usize;
         assert!(ret <= buf.len());
         Ok(ret)

src/libos/src/fs/mod.rs

@@ -8,6 +8,7 @@ use std::fmt;
 use std::io::{Read, Seek, SeekFrom, Write};
 use std::mem::MaybeUninit;
 use std::path::Path;
+use untrusted::{SliceAsMutPtrAndLen, SliceAsPtrAndLen};
 
 pub use self::dev_fs::AsDevRandom;
 pub use self::event_file::{AsEvent, EventFile};

src/libos/src/fs/stdio.rs

@@ -63,9 +63,10 @@ impl StdoutRaw {
 impl std::io::Write for StdoutRaw {
     fn write(&mut self, buf: &[u8]) -> std::io::Result<usize> {
         let writting_len = cmp::min(buf.len(), size_t::max_value() as usize);
+        let (buf_ptr, _) = buf.as_ptr_and_len();
         let ret = try_libc_stdio!(libc::ocall::write(
             self.host_fd,
-            buf.as_ptr() as *const c_void,
+            buf_ptr as *const c_void,
             writting_len,
         ))
         .unwrap_or_else(|err| {
@@ -220,9 +221,10 @@ impl StdinRaw {
 impl std::io::Read for StdinRaw {
     fn read(&mut self, buf: &mut [u8]) -> std::io::Result<usize> {
         let reading_len = cmp::min(buf.len(), size_t::max_value() as usize);
+        let (buf_ptr, _) = buf.as_mut().as_mut_ptr_and_len();
         let ret = try_libc_stdio!(libc::ocall::read(
             self.host_fd,
-            buf.as_mut_ptr() as *mut c_void,
+            buf_ptr as *mut c_void,
             reading_len,
         ))
         .unwrap_or_else(|err| {

src/libos/src/net/io_multiplexing/poll.rs

@@ -53,9 +53,11 @@ pub fn do_poll(pollfds: &mut [libc::pollfd], timeout: c_int) -> Result<usize> {
         }
     }
 
+    let (u_pollfds_ptr, u_pollfds_len) = u_pollfds.as_mut_slice().as_mut_ptr_and_len();
+
     let num_events = try_libc!(libc::ocall::poll(
-        u_pollfds.as_mut_ptr(),
-        u_pollfds.len() as u64,
+        u_pollfds_ptr,
+        u_pollfds_len as u64,
         timeout
     )) as usize;
     assert!(num_events <= pollfds.len());

src/libos/src/net/io_multiplexing/select.rs

@@ -85,11 +85,8 @@ pub fn do_select(
         Some(tv) => (tv.tv_sec * 1000 + tv.tv_usec / 1000) as i32,
     };
 
-    let ret = try_libc!(libc::ocall::poll(
-        polls.as_mut_ptr(),
-        polls.len() as u64,
-        timeout
-    ));
+    let (polls_ptr, polls_len) = polls.as_mut_slice().as_mut_ptr_and_len();
+    let ret = try_libc!(libc::ocall::poll(polls_ptr, polls_len as u64, timeout));
 
     // convert fd back and write fdset
     readfds.clear();

src/libos/src/net/mod.rs

@@ -1,5 +1,6 @@
 use super::*;
 use std;
+use untrusted::{SliceAsMutPtrAndLen, SliceAsPtrAndLen, UntrustedSliceAlloc};
 
 mod io_multiplexing;
 mod iovs;

src/libos/src/net/socket_file/mod.rs

@@ -45,21 +45,25 @@ impl Drop for SocketFile {
 // TODO: implement readfrom/sendto
 impl File for SocketFile {
     fn read(&self, buf: &mut [u8]) -> Result<usize> {
+        let (buf_ptr, buf_len) = buf.as_mut().as_mut_ptr_and_len();
         let ret = try_libc!(libc::ocall::read(
             self.host_fd,
-            buf.as_mut_ptr() as *mut c_void,
-            buf.len()
-        ));
-        Ok(ret as usize)
+            buf_ptr as *mut c_void,
+            buf_len
+        )) as usize;
+        assert!(ret <= buf_len);
+        Ok(ret)
     }
 
     fn write(&self, buf: &[u8]) -> Result<usize> {
+        let (buf_ptr, buf_len) = buf.as_ptr_and_len();
         let ret = try_libc!(libc::ocall::write(
             self.host_fd,
-            buf.as_ptr() as *const c_void,
-            buf.len()
-        ));
-        Ok(ret as usize)
+            buf_ptr as *const c_void,
+            buf_len
+        )) as usize;
+        assert!(ret <= buf_len);
+        Ok(ret)
     }
 
     fn read_at(&self, _offset: usize, buf: &mut [u8]) -> Result<usize> {

src/libos/src/net/socket_file/send.rs

@@ -1,5 +1,4 @@
 use super::*;
-use crate::untrusted::{SliceAsMutPtrAndLen, SliceAsPtrAndLen, UntrustedSliceAlloc};
 
 impl SocketFile {
     // TODO: need sockaddr type to implement send/sento