file_win32: fix file handling bugs in cio_file_win32.c

edsiper · edsiper · commit bb267bed43d4 · 2025-11-02T19:46:11.000-06:00
- cio_file_native_delete: Prevent deletion of open/mapped files (resource leak)
- cio_file_native_sync: Fix NULL pointer access when syncing unmapped files (crash)
- cio_file_native_map: Fix mapping size mismatch causing data corruption

These bugs could cause crashes, resource leaks, and data corruption on Windows.

Signed-off-by: Eduardo Silva &lt;eduardo@chronosphere.io&gt;
diff --git a/src/cio_file_win32.c b/src/cio_file_win32.c
@@ -67,6 +67,9 @@ int cio_file_native_map(struct cio_file *cf, size_t map_size)
 {
     DWORD desired_protection;
     DWORD desired_access;
+    size_t file_size;
+    size_t actual_map_size;
+    int ret;
 
     if (cf == NULL) {
         return CIO_ERROR;
@@ -92,12 +95,39 @@ int cio_file_native_map(struct cio_file *cf, size_t map_size)
         return CIO_ERROR;
     }
 
+    /* Get current file size to ensure we don't map beyond it for read-only files */
+    ret = cio_file_native_get_size(cf, &file_size);
+    if (ret != CIO_OK) {
+        return CIO_ERROR;
+    }
+
+    /* For read-only files, we cannot map beyond the file size */
+    /* For read-write files, if map_size > file_size, we should resize first */
+    if (cf->flags & CIO_OPEN_RD) {
+        if (map_size > file_size) {
+            actual_map_size = file_size;
+        }
+        else {
+            actual_map_size = map_size;
+        }
+    }
+    else {
+        /* For RW files, if map_size > file_size, resize the file first */
+        if (map_size > file_size) {
+            ret = cio_file_native_resize(cf, map_size);
+            if (ret != CIO_OK) {
+                return CIO_ERROR;
+            }
+        }
+        actual_map_size = map_size;
+    }
+
     /* CreateFileMappingA requires size as two DWORDs (high and low) */
-    /* Passing (0, 0) uses current file size, but we want map_size */
+    /* Use actual_map_size to ensure consistency */
     cf->backing_mapping = CreateFileMappingA(cf->backing_file, NULL,
                                              desired_protection,
-                                             (DWORD)(map_size >> 32),
-                                             (DWORD)(map_size & 0xFFFFFFFFUL),
+                                             (DWORD)(actual_map_size >> 32),
+                                             (DWORD)(actual_map_size & 0xFFFFFFFFUL),
                                              NULL);
 
     if (cf->backing_mapping == NULL) {
@@ -106,7 +136,7 @@ int cio_file_native_map(struct cio_file *cf, size_t map_size)
         return CIO_ERROR;
     }
 
-    cf->map = MapViewOfFile(cf->backing_mapping, desired_access, 0, 0, map_size);
+    cf->map = MapViewOfFile(cf->backing_mapping, desired_access, 0, 0, actual_map_size);
 
     if (cf->map == NULL) {
         cio_file_native_report_os_error();
@@ -118,7 +148,7 @@ int cio_file_native_map(struct cio_file *cf, size_t map_size)
         return CIO_ERROR;
     }
 
-    cf->alloc_size = map_size;
+    cf->alloc_size = actual_map_size;
 
     return CIO_OK;
 }
