Add a helper function for avoiding certain race conditions in Win32 API calls #476
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jakepetroules
requested review from
aciidgh,
mirza-garibovic,
mhrawdon,
neonichu and
owenv
as code owners
|
@swift-ci test |
jakepetroules
force-pushed
the
eng/PR-win32-safe-alloc
branch
from
0beeb8e to
753c8ee
Compare
|
@swift-ci test |
jakepetroules
force-pushed
the
eng/PR-win32-safe-alloc
branch
from
753c8ee to
185d17a
Compare
|
@swift-ci test |
neonichu
approved these changes
May 1, 2025
jakepetroules
force-pushed
the
eng/PR-win32-safe-alloc
branch
from
185d17a to
7c5afad
Compare
|
@swift-ci test |
…PI calls For many Win32 APIs returning strings, the expected usage is to first call the API with a nil buffer and 0 capacity to receive the buffer count, then call it again with a buffer of the right size. However, some APIs refer to external state which can change between calls (such as GetEnvironmentVariableW and GetCurrentDirectoryW). This can lead to race conditions where the buffer doesn't end up being of sufficient size to hold the result, and the call fails. To protect against this, add a helper function with a reusable algorithm that continually doubles the buffer size until it's large enough to hold the result, up to a specified maximum to prevent denial of service attacks.
jakepetroules
force-pushed
the
eng/PR-win32-safe-alloc
branch
from
7c5afad to
e674698
Compare
|
@swift-ci test |
|
@swift-ci test macos |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For many Win32 APIs returning strings, the expected usage is to first call the API with a nil buffer and 0 capacity to receive the buffer count, then call it again with a buffer of the right size. However, some APIs refer to external state which can change between calls (such as GetEnvironmentVariableW and GetCurrentDirectoryW). This can lead to race conditions where the buffer doesn't end up being of sufficient size to hold the result, and the call fails. To protect against this, add a helper function with a reusable algorithm that continually doubles the buffer size until it's large enough to hold the result, up to a specified maximum to prevent denial of service attacks.