ned14 / llfio

P1031 low level file i/o and filesystem library for the C++ standard
https://ned14.github.io/llfio/

`current_working_directory` may read out of bounds and uninitialized memory with long paths #118

Closed BurningEnlightenment closed 1 year ago

BurningEnlightenment commented 1 year ago

https://github.com/ned14/llfio/blob/ee65f1b99ecdf12ee0d011e3d8e3b1c6eae67644/include/llfio/v2.0/detail/impl/windows/path_discovery.ipp#L162-L168

`GetCurrentDirectory` returns the required buffer size if the path doesn't fit into the given buffer (see Windows docs). In case of a long-path-aware application this can lead to passing the uninitialized buffer with an out-of-bounds size to the `fs_handle` constructor.

BurningEnlightenment commented 1 year ago

@ned14 given that we generally don't allocate heap memory, we would either need to increase the buffer size to 2^15 or check `written > MAX_PATH` and return an error code, right?

ned14 commented 1 year ago

Sorry, forgot about this one with the Varna meeting. And I'm heading to New York tomorrow for a few days for the new job.

Stack is cheap on Windows, so I'd just bump that buffer to 32769 like most other parts of LLFIO.

BurningEnlightenment commented 1 year ago

Fixed by fed9ca7c7323ad9dc1cee97bc12c6e0aea28d28a
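The return-value contract discussed in this issue, as an added example that is not LLFIO's code and not the fix commit. `fake_get_cwd`, `unchecked_length`, `checked_cwd` and `sample_long_path` are hypothetical names; the stand-in follows the documented `GetCurrentDirectoryW` behaviour so the check can be exercised off Windows.

```cpp
#include <cstddef>
#include <cstdio>
#include <cwchar>
#include <string>

// Hypothetical stand-in following the documented GetCurrentDirectoryW contract:
//  - path fits: copies it and returns the characters written, excluding the NUL
//  - too small: leaves buf untouched and returns the required size, including the NUL
static std::size_t fake_get_cwd(const std::wstring &cwd, std::size_t buflen, wchar_t *buf)
{
  if(cwd.size() + 1 > buflen)
    return cwd.size() + 1;
  std::wmemcpy(buf, cwd.c_str(), cwd.size() + 1);
  return cwd.size();
}

// The length the unchecked pattern would pass on. The buffer is not read here.
template <std::size_t N> std::size_t unchecked_length(const std::wstring &cwd)
{
  wchar_t buffer[N];  // uninitialised stack buffer, as in the issue
  return fake_get_cwd(cwd, N, buffer);
}

// Checked caller: a return of 0 or >= N means the buffer holds no valid path.
template <std::size_t N> bool checked_cwd(const std::wstring &cwd, std::wstring &out)
{
  wchar_t buffer[N];
  const std::size_t written = fake_get_cwd(cwd, N, buffer);
  if(written == 0 || written >= N)
    return false;  // failure or size request: report an error, do not touch buffer
  out.assign(buffer, written);
  return true;
}

// Constructed sample: a 300-character path, longer than MAX_PATH (260).
static std::wstring sample_long_path() { return L"C:\\" + std::wstring(297, L'a'); }

int main()
{
  const std::wstring p = sample_long_path();
  std::wstring out;
  std::printf("unchecked length, 260 buffer: %zu\n", unchecked_length<260>(p));
  std::printf("checked, 260 buffer: %s\n", checked_cwd<260>(p, out) ? "path" : "error");
  std::printf("checked, 32769 buffer: %s\n", checked_cwd<32769>(p, out) ? "path" : "error");
  return 0;
}
```

Both options raised in the thread appear here: the 260-character buffer with the check returns an error for the long path, and the 32769-character buffer holds it.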