The call to GetFinalPathNameByHandleW() in src/libnative/io/file.rs needs to be audited. I am not a Windows developer, but my interpretation of the documentation indicates that the buffer length provided to that function should be 1 less than the actual buffer size. The reasoning is that the documentation states:
cchFilePath [in]
The size of lpszFilePath, in TCHARs. This value does not include a NULL termination character.
yet the function itself will NULL-terminate the output it writes. To me this says that it will write one more TCHAR to the buffer than is indicated by cchFilePath.
This should be verified by someone who is actually familiar with Windows APIs.
The call to
GetFinalPathNameByHandleW()insrc/libnative/io/file.rsneeds to be audited. I am not a Windows developer, but my interpretation of the documentation indicates that the buffer length provided to that function should be 1 less than the actual buffer size. The reasoning is that the documentation states:yet the function itself will NULL-terminate the output it writes. To me this says that it will write one more TCHAR to the buffer than is indicated by
cchFilePath.This should be verified by someone who is actually familiar with Windows APIs.