Rollup of 5 pull requests #91596
Closed
Rollup of 5 pull requests #91596
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As a security measure, Windows 11 introduces a new temporary directory API, GetTempPath2. When the calling process is running as SYSTEM, a separate temporary directory will be returned inaccessible to non-SYSTEM processes. For non-SYSTEM processes the behavior will be the same as before.
Windows Server 2022 is a different version from Win11, breaking precent
…n it existed. Also, no tests fail when turning that arm into an ICE
Adds the minimial repro test case from rust-lang#85360. The fix for rust-lang#85360 was supposed to be rust-lang#85868 however the repro was resolved in the 2021-07-05 nightly while rust-lang#85360 didn't land until 2021-09-03. The reason for that is d34a3a4 **also** resolves that issue. To test if rust-lang#85868 actually fixes rust-lang#85360, I reverted d34a3a4 and found that rust-lang#85868 does indeed resolve rust-lang#85360. With that question resolved, add a test case to our incremental test suite for the original Ok(EvaluatedToOkModuloRegions) ICE. Thanks to @lqd for helping track this down!
As suggested via reviewer feedback.
Signed-off-by: TennyZhuang <zty0826@gmail.com>
Update std::env::temp_dir to use GetTempPath2 on Windows when available. As a security measure, Windows 11 introduces a new temporary directory API, GetTempPath2. When the calling process is running as SYSTEM, a separate temporary directory will be returned inaccessible to non-SYSTEM processes. For non-SYSTEM processes the behavior will be the same as before. This can help mitigate against attacks such as this one: https://medium.com/csis-techblog/cve-2020-1088-yet-another-arbitrary-delete-eop-a00b97d8c3e2 Compatibility risk: Software which relies on temporary files to communicate between SYSTEM and non-SYSTEM processes may be affected by this change. In many cases, such patterns may be vulnerable to the very attacks the new API was introduced to harden against. I'm unclear on the Rust project's tolerance for such change-of-behavior in the standard library. If anything, this PR is meant to raise awareness of the issue and hopefully start the conversation. How tested: Taking the example code from the documentation and running it through psexec (from SysInternals) on Win10 and Win11. On Win10: C:\test>psexec -s C:\test\main.exe <...> Temporary directory: C:\WINDOWS\TEMP\ On Win11: C:\test>psexec -s C:\test\main.exe <...> Temporary directory: C:\Windows\SystemTemp\
Add test for evaluate_obligation: Ok(EvaluatedToOkModuloRegions) ICE Adds the minimial repro test case from rust-lang#85360. The fix for rust-lang#85360 was supposed to be rust-lang#85868 however the repro was resolved in the 2021-07-05 nightly while rust-lang#85868 didn't land until 2021-09-03. The reason for that is d34a3a4 **also** resolves that issue. To test if rust-lang#85868 actually fixes rust-lang#85360, I reverted d34a3a4 and found that rust-lang#85868 does indeed resolve rust-lang#85360. With that question resolved, add a test case to our incremental test suite for the original Ok(EvaluatedToOkModuloRegions) ICE. Thanks to `@lqd` for helping track this down!
Remove a dead code path. It is neither documented nor can I see any way it could ever be reached. Also, no tests fail when turning that arm into an ICE
…rister Tweak "call this function" suggestion to have smaller span
…scottmcm Suggest try_reserve in try_reserve_exact During developing rust-lang#91529 , I found that `try_reserve_exact` suggests `reserve` for further insertions. I think it's a mistake by copy&paste, `try_reserve` is better here.
|
@bors r+ rollup=never p=5 |
|
📌 Commit 779cd09 has been approved by |
bors
added
the
S-waiting-on-bors
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Successful merges:
Failed merges:
r? @ghost
@rustbot modify labels: rollup
Create a similar rollup