about summary refs log tree commit diff
path: root/library/std/src/sys/windows/c.rs
AgeCommit message (Collapse)AuthorLines
2023-03-21Auto merge of #108262 - ChrisDenton:libntdll, r=Mark-Simulacrumbors-47/+40
Distribute libntdll.a with windows-gnu toolchains This allows the OS loader to load essential functions (e.g. read/write file) at load time instead of lazily doing so at runtime. r? libs
2023-02-27Rollup merge of #107110 - strega-nil:mbtwc-wctmb, r=ChrisDentonMatthias Krüger-2/+30
[stdio][windows] Use MBTWC and WCTMB `MultiByteToWideChar` and `WideCharToMultiByte` are extremely well optimized, and therefore should probably be used when we know we can (specifically in the Windows stdio stuff). Fixes #107092
2023-02-25[stdio][windows] Use MBTWC and WCTMBNicole Mazzuca-2/+30
2023-02-23Fix `is_terminal`'s handling of long paths on Windows.Dan Gohman-8/+0
As reported in sunfishcode/is-terminal#18, there are situations where `GetFileInformationByHandleEx` can write a file name length that is longer than the provided buffer. To avoid deferencing memory past the end of the buffer, use a bounds-checked function to form a slice to the buffer and handle the out-of-bounds case. This ports the fix from sunfishcode/is-terminal#19 to std's `is_terminal` implementation.
2023-02-20Distribute libntdll.a with windows-gnu toolchainsChris Denton-47/+40
This allows loading some essential functions (e.g. read/write file) at load time instead of lazily.
2023-02-14Revert to using `RtlGenRandom`Chris Denton-9/+4
This is required due to `BCryptGenRandom` failing to load the necessary dll on some systems.
2022-11-05Rollup merge of #103995 - SUPERCILEX:typos, r=Dylan-DPCDylan DPC-1/+1
Small round of typo fixes
2022-11-04Small round of typo fixesAlex Saveau-1/+1
Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-10-27Use stdio in UWP appsChris Denton-30/+27
This has been supported since Windows 10.0.16299. See https://learn.microsoft.com/en-us/uwp/win32-and-com/win32-apis#apis-from-api-ms-win-core-console-l1-1-0dll
2022-10-21Reduce false positives in msys2 detectionChris Denton-0/+3
This checks that: * the handle is a pipe * the pipe's file name starts with "msys-" or "cygwin-" rather than looking in the full path.
2022-10-15Add `IsTerminal` trait to determine if a descriptor or handle is a terminalJosh Triplett-0/+8
The UNIX and WASI implementations use `isatty`. The Windows implementation uses the same logic the `atty` crate uses, including the hack needed to detect msys terminals. Implement this trait for `File` and for `Stdin`/`Stdout`/`Stderr` and their locked counterparts on all platforms. On UNIX and WASI, implement it for `BorrowedFd`/`OwnedFd`. On Windows, implement it for `BorrowedHandle`/`OwnedHandle`. Based on https://github.com/rust-lang/rust/pull/91121 Co-authored-by: Matt Wilkinson <mattwilki17@gmail.com>
2022-10-13Auto merge of #102655 - joboet:windows_tls_opt, r=ChrisDentonbors-0/+17
Optimize TLS on Windows This implements the suggestion in the current TLS code to embed the linked list of destructors in the `StaticKey` structure to save allocations. Additionally, locking is avoided when no destructor needs to be run. By using one Windows-provided `Once` per key instead of a global lock, locking is more finely-grained (this unblocks #100579).
2022-10-08std: optimize TLS on Windowsjoboet-0/+17
2022-09-20Remove `RtlGenRandom` (take two)Chris Denton-5/+1
First try to use the system preferred RNG but if that fails (e.g. due to a broken system configuration) then fallback to manually opening an algorithm handle.
2022-09-06Open a BCrypt algorithm handleChris Denton-2/+12
2022-09-03Rollup merge of #101325 - ChrisDenton:BCRYPT_RNG_ALG_HANDLE, r=thomccDylan DPC-1/+1
Windows RNG: Use `BCRYPT_RNG_ALG_HANDLE` by default This only changes a small amount of actual code, the rest is documentation outlining the history of this module as I feel it will be relevant to any future issues that might crop up. The code change is to use the `BCRYPT_RNG_ALG_HANDLE` [pseudo-handle](https://docs.microsoft.com/en-us/windows/win32/seccng/cng-algorithm-pseudo-handles) by default, which simply uses the default RNG. Previously we used `BCRYPT_USE_SYSTEM_PREFERRED_RNG` which has to load the system configuration and then find and load that RNG. I suspect this was the cause of failures on some systems (e.g. due to corrupted config). However, this is admittedly speculation as I can't reproduce the issue myself (and it does seem quite rare even in the wild). Still, removing a possible point of failure is likely worthwhile in any case. r? libs
2022-09-02Use `BCRYPT_RNG_ALG_HANDLE` by defaultChris Denton-1/+1
Also briefly document the history of `sys/windows/rand.rs` as they may be relevant to any future changes.
2022-09-01Use `FILE_ATTRIBUTE_TAG_INFO` to get reparse tagChris Denton-0/+6
This avoid unnecessarily getting the full reparse data when all we need is the tag.
2022-08-31Rollup merge of #101171 - thomcc:fix-winfs-ub, r=ChrisDentonMatthias Krüger-0/+6
Fix UB from misalignment and provenance widening in `std::sys::windows` This fixes two types of UB: 1. Reading past the end of a reference in types like `&c::REPARSE_DATA_BUFFER` (see https://github.com/rust-lang/unsafe-code-guidelines/issues/256). This is fixed by using `addr_of!`. I think there are probably a couple more cases where we do this for other structures, and will look into it in a bit. 2. Failing to ensure that a `[u8; N]` on the stack is sufficiently aligned to convert to a `REPARSE_DATA_BUFFER`. ~~This was done by introducing a new `AlignedAs` struct that allows aligning one type to the alignment of another type. I expect there are other places where we have this issue too, or I wouldn't introduce this type, but will get to them after this lands.~~ ~~Worth noting, it *is* implemented in a way that can cause problems depending on how we fix #81996, but this would be caught by the test I added (and presumably if we decide to fix that in a way that would break this code, we'd also introduce a `#[repr(simple)]` or `#[repr(linear)]` as a replacement for this usage of `#[repr(C)]`).~~ Edit: None of that is still in the code, I just went with a `Align8` since that's all we'll need for almost everything we want to call. These are more or less "potential UB" since it's likely at the moment everything works fine, although the alignment not causing issues might just be down to luck (and x86 being forgiving). ~~NB: I've only ensured this check builds, but will run tests soon.~~ All tests pass, including stage2 compiler tests. r? ``@ChrisDenton``
2022-08-29Fix some possible UB in std::sys::windowsThom Chiovoloni-0/+6
2022-08-28Reinstate preloading of some dll importsChris Denton-3/+0
2022-08-18Windows: Load synch functions togetherChris Denton-14/+12
Attempt to load all the required sync functions and fail if any one of them fails. This reintroduces a macro for optional loading of functions but keeps it separate from the fallback macro rather than having that do two different jobs.
2022-08-04Update after code reviewChris Denton-0/+6
2022-08-04Remove Windows function preloadingChris Denton-11/+7
2022-08-01Auto merge of #98246 - joshtriplett:times, r=m-ou-sebors-1/+7
Support setting file accessed/modified timestamps Add `struct FileTimes` to contain the relevant file timestamps, since most platforms require setting all of them at once. (This also allows for future platform-specific extensions such as setting creation time.) Add `File::set_file_time` to set the timestamps for a `File`. Implement the `sys` backends for UNIX, macOS (which needs to fall back to `futimes` before macOS 10.13 because it lacks `futimens`), Windows, and WASI.
2022-07-26Rewrite Windows `compat_fn` macroChris Denton-13/+10
This allows using most delay loaded functions before the init code initializes them. It also only preloads a select few functions, rather than all functions. Co-Authored-By: Mark Rousskov <mark.simulacrum@gmail.com>
2022-07-15Support setting file accessed/modified timestampsJosh Triplett-1/+7
Add `struct FileTimes` to contain the relevant file timestamps, since most platforms require setting all of them at once. (This also allows for future platform-specific extensions such as setting creation time.) Add `File::set_file_time` to set the timestamps for a `File`. Implement the `sys` backends for UNIX, macOS (which needs to fall back to `futimes` before macOS 10.13 because it lacks `futimens`), Windows, and WASI.
2022-07-06Windows: Fallback for overlapped I/OChris Denton-1/+13
Try waiting on the file handle once. If that fails then give up.
2022-06-07Windows: No panic if function not (yet) availableChris Denton-4/+5
In some situations it is possible for required functions to be called before they've had a chance to be loaded. Therefore, we make it possible to recover from this situation simply by looking at error codes.
2022-05-19Rollup merge of #97127 - Mark-Simulacrum:revert-96441, r=m-ou-seYuki Okushi-6/+0
Revert "Auto merge of #96441 - ChrisDenton:sync-pipes, r=m-ou-se" This reverts commit ddb7fbe8434be481607ae199fe2aee976ee2fc2e. Partially addresses https://github.com/rust-lang/rust/issues/97124, but not marking as fixed as we're still pending on a beta backport (for 1.62, which is happening in https://github.com/rust-lang/rust/pull/97088). r? ``@m-ou-se`` ``@ChrisDenton``
2022-05-17Revert "Auto merge of #96441 - ChrisDenton:sync-pipes, r=m-ou-se"Mark Rousskov-6/+0
This reverts commit ddb7fbe8434be481607ae199fe2aee976ee2fc2e, reversing changes made to baaa3b682986879c7784b5733ecea942e9ae7de3.
2022-05-10Make HashMap fall back to RtlGenRandom if BCryptGenRandom failsChris Martin-0/+4
Issue #84096 changed the hashmap RNG to use BCryptGenRandom instead of RtlGenRandom on Windows. Mozilla Firefox started experiencing random failures in env_logger::Builder::new() (Issue #94098) during initialization of their unsandboxed main process with an "Access Denied" error message from BCryptGenRandom(), which is used by the HashMap contained in env_logger::Builder The root cause appears to be a virus scanner or other software interfering with BCrypt DLLs loading. This change adds a fallback option if BCryptGenRandom is unusable for whatever reason. It will fallback to RtlGenRandom in this case. Fixes #94098
2022-04-26Windows: Make stdin pipes synchronousChris Denton-0/+6
Stdin pipes do not need to be used asynchronously within the standard library.
2022-04-16Use a single ReentrantMutex implementation on all platforms.Mara Bos-14/+0
2022-04-05Make `synchronous_write` safe to callChris Denton-7/+0
2022-04-05Complete reads and writes synchronously or abortChris Denton-0/+35
2022-04-05Correct definition of `IO_STATUS_BLOCK`Chris Denton-5/+11
2022-04-04Rollup merge of #95467 - ChrisDenton:async-read-pipe, r=joshtriplettDylan DPC-0/+21
Windows: Synchronize asynchronous pipe reads and writes On Windows, the pipes used for spawned processes are opened for asynchronous access but `read` and `write` are done using the standard methods that assume synchronous access. This means that the buffer (and variables on the stack) may be read/written to after the function returns. This PR ensures reads/writes complete before returning. Note that this only applies to pipes we create and does not affect the standard file read/write methods. Fixes #95411
2022-04-04Correct calling conventionChris Denton-1/+1
2022-03-30Synchronize asynchronous pipe reads and writesChris Denton-0/+21
2022-03-29Make the stdlib largely conform to strict provenance.Aria Beingessner-1/+1
Some things like the unwinders and system APIs are not fully conformant, this only covers a lot of low-hanging fruit.
2022-03-03Use `HandleOrNull` and `HandleOrInvalid` in the Windows FFI bindings.Dan Gohman-4/+5
Use the new `HandleOrNull` and `HandleOrInvalid` types that were introduced as part of [I/O safety] in a few functions in the Windows FFI bindings. This factors out an `unsafe` block and two `unsafe` function calls in the Windows implementation code. And, it helps test `HandleOrNull` and `HandleOrInvalid`, which indeed turned up a bug: `OwnedHandle` also needs to be `#[repr(transparent)]`, as it's used inside of `HandleOrNull` and `HandleOrInvalid` which are also `#[repr(transparent)]`. [I/O safety]: https://github.com/rust-lang/rust/issues/87074
2022-03-01Provide C FFI types via core::ffi, not just in stdJosh Triplett-1/+1
The ability to interoperate with C code via FFI is not limited to crates using std; this allows using these types without std. The existing types in `std::os::raw` become type aliases for the ones in `core::ffi`. This uses type aliases rather than re-exports, to allow the std types to remain stable while the core types are unstable. This also moves the currently unstable `NonZero_` variants and `c_size_t`/`c_ssize_t`/`c_ptrdiff_t` types to `core::ffi`, while leaving them unstable.
2022-02-14Maintain broken symlink behaviour for the Windows exe resolverChris Denton-0/+2
2022-01-24Use `NtCreateFile` instead of `NtOpenFile` to open a fileChris Denton-3/+9
2022-01-19Fix CVE-2022-21658 for WindowsChris Denton-10/+114
2021-12-09Rollup merge of #89999 - talagrand:GetTempPath2, r=m-ou-seMatthias Krüger-0/+6
Update std::env::temp_dir to use GetTempPath2 on Windows when available. As a security measure, Windows 11 introduces a new temporary directory API, GetTempPath2. When the calling process is running as SYSTEM, a separate temporary directory will be returned inaccessible to non-SYSTEM processes. For non-SYSTEM processes the behavior will be the same as before. This can help mitigate against attacks such as this one: https://medium.com/csis-techblog/cve-2020-1088-yet-another-arbitrary-delete-eop-a00b97d8c3e2 Compatibility risk: Software which relies on temporary files to communicate between SYSTEM and non-SYSTEM processes may be affected by this change. In many cases, such patterns may be vulnerable to the very attacks the new API was introduced to harden against. I'm unclear on the Rust project's tolerance for such change-of-behavior in the standard library. If anything, this PR is meant to raise awareness of the issue and hopefully start the conversation. How tested: Taking the example code from the documentation and running it through psexec (from SysInternals) on Win10 and Win11. On Win10: C:\test>psexec -s C:\test\main.exe <...> Temporary directory: C:\WINDOWS\TEMP\ On Win11: C:\test>psexec -s C:\test\main.exe <...> Temporary directory: C:\Windows\SystemTemp\
2021-10-31 Windows: Resolve Command program without using the current directoryChris Denton-0/+2
2021-10-30Auto merge of #89174 - ChrisDenton:automatic-verbatim-paths, r=dtolnaybors-0/+6
Automatically convert paths to verbatim for filesystem operations that support it This allows using longer paths without the user needing to `canonicalize` or manually prefix paths. If the path is already verbatim then this has no effect. Fixes: #32689
2021-10-26Clarify platform availability of GetTempPath2Eugene Talagrand-1/+1
Windows Server 2022 is a different version from Win11, breaking precent