Windows: buffer uninitialized if longer than 2^32 bytes

The [Windows implementation for `getrandom_inner()`](https://github.com/rust-random/getrandom/blob/bcad3fb877e04536b07177d1e1b995a88c428d5d/src/windows.rs#L21) calls [`RtlGenRandom`](https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-rtlgenrandom). However, the length parameter is a `ULONG` (i.e. a `u32`). 

Thus, if a buffer of length `2^32` is passed to `getrandom()` on Windows, the call `dest.len() as ULONG` [truncates the value](https://doc.rust-lang.org/reference/expressions/operator-expr.html#semantics) to 0. This results in the function seeming to succeed, but without writing any data. 

Thanks to @briansmith's [*ring* implementation](https://github.com/briansmith/ring/blob/8237fac8be15a7f0142e8c838a8eaf037a3ad225/src/rand.rs#L172-L179), for pointing this out.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Windows: buffer uninitialized if longer than 2^32 bytes #31

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Windows: buffer uninitialized if longer than 2^32 bytes #31

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions