From dd1a3e7675df26748d070e94912ebe1587cb9241 Mon Sep 17 00:00:00 2001
From: Aaron Hill <aa1ronham@gmail.com>
Date: Wed, 5 May 2021 06:16:12 -0400
Subject: [PATCH] Fix loophole in soundness of `__private_get_type_id__`
 (#2199)

---
 actix-http/src/macros.rs | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/actix-http/src/macros.rs b/actix-http/src/macros.rs
index 7cf0e288..be8e63d6 100644
--- a/actix-http/src/macros.rs
+++ b/actix-http/src/macros.rs
@@ -15,8 +15,15 @@ macro_rules! downcast_get_type_id {
         /// making it impossible for safe code to construct outside of
         /// this module. This ensures that safe code cannot violate
         /// type-safety by implementing this method.
+        ///
+        /// We also take `PrivateHelper` as a parameter, to ensure that
+        /// safe code cannot obtain a `PrivateHelper` instance by
+        /// delegating to an existing implementation of `__private_get_type_id__`
         #[doc(hidden)]
-        fn __private_get_type_id__(&self) -> (std::any::TypeId, PrivateHelper)
+        fn __private_get_type_id__(
+            &self,
+            _: PrivateHelper,
+        ) -> (std::any::TypeId, PrivateHelper)
         where
             Self: 'static,
         {
@@ -39,7 +46,9 @@ macro_rules! downcast {
         impl dyn $name + 'static {
             /// Downcasts generic body to a specific type.
             pub fn downcast_ref<T: $name + 'static>(&self) -> Option<&T> {
-                if self.__private_get_type_id__().0 == std::any::TypeId::of::<T>() {
+                if self.__private_get_type_id__(PrivateHelper(())).0
+                    == std::any::TypeId::of::<T>()
+                {
                     // SAFETY: external crates cannot override the default
                     // implementation of `__private_get_type_id__`, since
                     // it requires returning a private type. We can therefore
@@ -53,7 +62,9 @@ macro_rules! downcast {
 
             /// Downcasts a generic body to a mutable specific type.
             pub fn downcast_mut<T: $name + 'static>(&mut self) -> Option<&mut T> {
-                if self.__private_get_type_id__().0 == std::any::TypeId::of::<T>() {
+                if self.__private_get_type_id__(PrivateHelper(())).0
+                    == std::any::TypeId::of::<T>()
+                {
                     // SAFETY: external crates cannot override the default
                     // implementation of `__private_get_type_id__`, since
                     // it requires returning a private type. We can therefore