From 380f130d0e5c7269e887b250a3ddcfcbfabfaaec Mon Sep 17 00:00:00 2001
From: Marijn Schouten
Date: Fri, 6 Dec 2024 20:38:30 +0100
Subject: [PATCH] iter::slice_skip remove possibility of underflow in debug_assert (#187)

`self.cursor.sub(skip)` must point inside the allocation of this object or this is UB, not to mention the possibility that if `skip` if very large self.cursor.sub(skip) may underflow and fail to trigger the debug_assertion.
---
 src/iter.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/iter.rs b/src/iter.rs
index c43ae51..4c5fa88 100644
--- a/src/iter.rs
+++ b/src/iter.rs
@@ -109,7 +109,7 @@ impl<'a> Bytes<'a> {
 /// implies a skip of at most 3).
 #[inline]
 pub unsafe fn slice_skip(&mut self, skip: usize) -> &'a [u8] {
- debug_assert!(self.cursor.sub(skip) >= self.start);
+ debug_assert!(skip <= self.cursor.offset_from(self.start) as usize);
 let head = slice_from_ptr_range(self.start, self.cursor.sub(skip));
 self.commit();
 head
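Review bot: The `as usize` cast in the new `debug_assert!` turns a negative `offset_from` result into a very large value, so if `self.cursor` were ever behind `self.start` the bound would pass instead of firing. Asserting the ordering first keeps the check meaningful, for example `debug_assert!(self.cursor >= self.start);` on the line before it. The assertion is also compiled out of release builds, so the `self.cursor.sub(skip)` on the following line still rests entirely on the caller's contract; a comment there such as `// SAFETY: caller guarantees skip <= cursor - start, so the pointer stays inside the buffer` would record that. The doc comment and the end of `slice_skip` lie outside the hunk, so an existing safety section may already state this requirement.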