`atty` potential unaligned read

[niluxv]

I found some discussions on a potential unaligned read in atty (10,564,450 recent downloads; 3 years since the last release). I think it legitimately looks like a soundness bug (though I guess it won't cause issues with the usual global allocators?). The issue was filed more than a year ago.

If I understand correctly, FILE_NAME_INFO boils down to a struct like

#[repr(C)]
struct FILE_NAME_INFO {
    FileNameLength: u32,
    FileName: [u16; 1],
}

which has align 4 (playground). The vector name_info_bytes in https://github.com/softprops/atty/blob/7b5df17888997d57c2c1c8f91da1db5691f49953/src/lib.rs#L131-L141 need not be 4 byte aligned (though with any sane allocator it will be?).

Links:

• original issue on atty
• PR fixing the issue; same author as the issue
• discussion over at clap
• atty maintenance status issue

[pinkforest]

Hey thanks :) Would you mind filing a PR with informational = "unsound" ?

To me it also looks like it's not maintained so we can go with that too 👍

[pinkforest]

People also at Wg-unsafe-guidelines agree that this indeed is unsound
https://rust-lang.zulipchat.com/#narrow/stream/136281-t-lang.2Fwg-unsafe-code-guidelines/topic/.60.23.5Bglobal_allocator.5D.60.20academic.20dilemma/near/311530432

Thanks to @thomcc who had picked up when this was being ported to std and pointed to:
rust-lang/rust#98033 (comment)

Also thanks to @digama0 to also confirm this

[pinkforest]

Resolved via #1462