Validate DOS path before returning

And some other minor refactors which address more review comments.
author: Jakub Konka <kubkon@jakubkonka.com> 2020-08-10 12:30:24 +0200
committer: Jakub Konka <kubkon@jakubkonka.com> 2020-08-10 16:39:02 +0200
commit: 73b9f657460b040eaed4145a88f76db997d73987 (patch)
tree: de97284473f92586a0deea00b4f1299610237419 /lib/std
parent: cd8e6b66d046f73e4a9a4211557f52bdc1424de7 (diff)
download: zig-73b9f657460b040eaed4145a88f76db997d73987.tar.gz
zig-73b9f657460b040eaed4145a88f76db997d73987.zip
1 files changed, 11 insertions, 6 deletions
diff --git a/lib/std/os/windows.zig b/lib/std/os/windows.zig
index 6451c64e06..cf42266d26 100644
--- a/lib/std/os/windows.zig
+++ b/lib/std/os/windows.zig
@@ -897,6 +897,7 @@ pub fn SetFilePointerEx_CURRENT_get(handle: HANDLE) SetFilePointerError!u64 {
 }
 
 pub const GetFinalPathNameByHandleError = error{
+    BadPathName,
     FileNotFound,
     NameTooLong,
     Unexpected,
@@ -925,11 +926,11 @@ pub fn GetFinalPathNameByHandle(
 ) GetFinalPathNameByHandleError![]u16 {
     // Get normalized path; doesn't include volume name though.
     var path_buffer: [@sizeOf(FILE_NAME_INFORMATION) + PATH_MAX_WIDE * 2]u8 align(@alignOf(FILE_NAME_INFORMATION)) = undefined;
-    try QueryInformationFile(hFile, FILE_INFORMATION_CLASS.FileNormalizedNameInformation, path_buffer[0..]);
+    try QueryInformationFile(hFile, .FileNormalizedNameInformation, path_buffer[0..]);
 
     // Get NT volume name.
     var volume_buffer: [@sizeOf(FILE_NAME_INFORMATION) + MAX_PATH]u8 align(@alignOf(FILE_NAME_INFORMATION)) = undefined; // MAX_PATH bytes should be enough since it's Windows-defined name
-    try QueryInformationFile(hFile, FILE_INFORMATION_CLASS.FileVolumeNameInformation, volume_buffer[0..]);
+    try QueryInformationFile(hFile, .FileVolumeNameInformation, volume_buffer[0..]);
 
     const file_name = @ptrCast(*const FILE_NAME_INFORMATION, &path_buffer[0]);
     const file_name_u16 = @ptrCast([*]const u16, &file_name.FileName[0])[0 .. file_name.FileNameLength / 2];
@@ -1010,8 +1011,14 @@ pub fn GetFinalPathNameByHandle(
 
                     std.mem.copy(u16, out_buffer[0..], drive_letter);
                     std.mem.copy(u16, out_buffer[drive_letter.len..], file_name_u16);
+                    const total_len = drive_letter.len + file_name_u16.len;
 
-                    return out_buffer[0 .. drive_letter.len + file_name_u16.len];
+                    // Validate that DOS does not contain any spurious nul bytes.
+                    if (std.mem.indexOfScalar(u16, out_buffer[0..total_len], 0)) |_| {
+                        return error.BadPathName;
+                    }
+
+                    return out_buffer[0..total_len];
                 }
             }
 
@@ -1030,9 +1037,7 @@ pub fn QueryInformationFile(
     out_buffer: []u8,
 ) QueryInformationFileError!void {
     var io: IO_STATUS_BLOCK = undefined;
-    const len_bytes = std.math.cast(u32, out_buffer.len) catch |err| switch (err) {
-        error.Overflow => std.math.maxInt(u32), // If the provided buffer is larger than what we can handle, set size to max what we can handle
-    };
+    const len_bytes = std.math.cast(u32, out_buffer.len) catch unreachable;
     const rc = ntdll.NtQueryInformationFile(handle, &io, out_buffer.ptr, len_bytes, info_class);
     switch (rc) {
         .SUCCESS => {},
author	Jakub Konka <kubkon@jakubkonka.com>	2020-08-10 12:30:24 +0200
committer	Jakub Konka <kubkon@jakubkonka.com>	2020-08-10 16:39:02 +0200
commit	73b9f657460b040eaed4145a88f76db997d73987 (patch)
tree	de97284473f92586a0deea00b4f1299610237419 /lib/std
parent	cd8e6b66d046f73e4a9a4211557f52bdc1424de7 (diff)
download	zig-73b9f657460b040eaed4145a88f76db997d73987.tar.gz zig-73b9f657460b040eaed4145a88f76db997d73987.zip