Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unpaired surrogate in OsStr on Windows leads to debug_assert failure in v6.4.0 #14

Closed
oconnor663 opened this issue Nov 20, 2022 · 2 comments
Closed

unpaired surrogate in OsStr on Windows leads to debug_assert failure in v6.4.0 #14

oconnor663 opened this issue Nov 20, 2022 · 2 comments

Comments

@oconnor663
Copy link

My b3sum crate depends on os_str_bytes (6.4.0) indirectly via clap (4.0.26), and I have a test case that uses invalid UTF-16 filenames on Windows. 76c28d5#diff-3b7ba22f3645054b5b1c07651b4c378e01c0f8eda295e24e4bedf4e6e3a79382R72 added a debug_assert that is failing in CI for me. The following is a minimized repro of what I think is causing the crash:

use os_str_bytes::RawOsStr;
use std::ffi::OsString;
use std::os::windows::ffi::OsStringExt;

fn main() {
    // Create an invalid UTF-16 string containing a single "unpaired surrogate".
    let bad_str = OsString::from_wide(&[0xDC00]);
    let raw = RawOsStr::new(&bad_str);
    dbg!(raw.as_raw_bytes());
    // This crashes in debug mode with os_str_bytes 6.4.0 but not 6.3.1.
    raw.to_os_str();
}
oconnor663 added a commit to BLAKE3-team/BLAKE3 that referenced this issue Nov 20, 2022
@oconnor663
downgrade os_str_bytes to v6.3.1 in b3sum/Cargo.lock
afa717c 
v6.4.0 has a bug where invalid UTF-16 filenames fail a debug_assert on
Windows. See dylni/os_str_bytes#14. The vast
majority of b3sum users should be running a binary built in release mode
and shouldn't be affected by this. This lockfile change fixes our CI,
but note that `cargo install` doesn't respect lockfiles by default
(without --locked), so anyone running a debug binary against invalid
Windows filepaths (very rare) will still need to wait for an upstream
patch release.
@dylni
Copy link
Owner

dylni commented Nov 21, 2022

Thanks for this issue! This has been fixed in version 6.4.1, but I'm surprised this wasn't caught in fuzz testing I performed before the release.

The previous version has been yanked as well. However, this should not have caused any incorrect results, aside from the failed assertion, for any Rust version so far.

@dylni dylni closed this as completed Nov 21, 2022
@oconnor663
Copy link
Author

Confirmed that v6.4.1 fixes my tests. Thanks for the lightning speed fix!

kayabaNerve added a commit to serai-dex/serai that referenced this issue Nov 21, 2022
@kayabaNerve
cargo update
138bb46 
Mandated by dylni/os_str_bytes#14.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@oconnor663 @dylni