Mat should have non-owning counterpart

[vadixidav]

In the documentation I found from_buffer. This method indicates that it is possible to actually invoke a double-free without doing anything. Additionally, the source of from_buffer doesn't check to see if the slice is big enough! This means that undefined behavior and segfaults could happen.

To fix this, we should create a SliceMat. This would be a cv::Mat that does not own its data. It would be templated with a lifetime param <'a> so that when it is created from a slice it wont be allowed to outlive the slice due to the Rust borrow checker. We then also need to make a newtype wrapper around just the cv::Mat pointer that opencv has and move all the shared functionality we have into there. We can call this wrapper MatRef. We then impl Deref<MatRef> for Mat and impl Deref<MatRef> for SliceMat.

[Pzixel]

IIRC from_buffer copies its data but I may be wrong here.

Checking array length cannot be done before Mat is constructed because different CvType require different buffer size. Only opencv itself could tell us if buffer if big enough so I think it's better to just handle OutOfBoundException in C++ or something, and return Result istead of mat.

[vadixidav]

Oh, I see, so right now it is just undefined behavior if your buffer is the wrong size. I will create the appropriate unit tests then and change this to get back a Result.

[Pzixel]

There are some hepers class (CResult, in instance) that helps you to convert C++ Exception into rust Result. See

cv-rs/native/common.h

Lines 68 to 87 in b602103

	// Caller is responsible for disposing `error` field
	template <typename T>
	struct Result {
	T value;
	CDisposableString error;
	static Result<T> FromFunction(std::function<T()> function) {
	T value;
	char* error = nullptr;
	try {
	value = function();
	} catch (cv::Exception& e) {
	const char* err_msg = e.what();
	auto len = std::strlen(err_msg);
	error = new char[len + 1];
	std::strcpy(error, err_msg);
	}
	return Result<T>{value, CDisposableString{error}};
	}
	};