ArrayPool can be larger than requested resulting in freeing uninitialized GCHandles #1405
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
What's currently blocking this PR from being merged? Our error logs are full of handle not initialised errors due to this, and we had to downgrade to 0.3.162 for the time being, so it would be nice for this to get fixed! |
|
+1 We've been stuck on 0.3.162 for seven months now. This PR has gone five months without comment from the maintainers. @copilot can you help with this one? |
|
I'm taking a look at this PR now. @jlaanstra we always include a test case for changes like this. I'll add one to your branch and also merge in latest main. Stay tuned. |
|
/azp run |
jevansaks
approved these changes
Oct 22, 2025
AArnott
approved these changes
Oct 22, 2025
This was referenced Oct 22, 2025
Bump Microsoft.Windows.CsWin32 from 0.3.213 to 0.3.228
progressonderwijs/ProgressOnderwijsUtils#1192
Closed
Closed
craigktreasure
pushed a commit
to craigktreasure/StartMenuCleaner
that referenced
this pull request
Oct 25, 2025
Updated [Microsoft.Windows.CsWin32](https://github.com/microsoft/CsWin32) from 0.3.205 to 0.3.228. <details> <summary>Release notes</summary> _Sourced from [Microsoft.Windows.CsWin32's releases](https://github.com/microsoft/CsWin32/releases)._ ## 0.3.228 ## What's Changed * BuildTask mode should not generate types from InternalsVisibleTo referenced assemblies by @jevansaks in microsoft/CsWin32#1492 * CsWin32 build task fixes for NET8/CSharp12 by @jevansaks in microsoft/CsWin32#1498 * Fix platform case sensitivity issue with CsWin32Generator tool by @jevansaks in microsoft/CsWin32#1499 * Update documentation for CsWin32RunAsBuildTask mode by @jevansaks in microsoft/CsWin32#1497 * ArrayPool can be larger than requested resulting in freeing uninitialized GCHandles by @jlaanstra in microsoft/CsWin32#1405 * Fix analyzer test break in devdiv AzDO account by @AArnott in microsoft/CsWin32#1504 ## New Contributors * @jlaanstra made their first contribution in microsoft/CsWin32#1405 **Full Changelog**: microsoft/CsWin32@v0.3.217...v0.3.228 https://www.nuget.org/packages/Microsoft.Windows.CsWin32/0.3.228 ## 0.3.217 ## What's Changed * Add cswin32 mode to generate [GeneratedComInterface] and [LibraryImport] code by @jevansaks in microsoft/CsWin32#1474 * Handle UnauthorizedAccessException in new ComTests by @jevansaks in microsoft/CsWin32#1486 * Project byte* parameters as Span<byte> by @jevansaks in microsoft/CsWin32#1488 * Fix nuspec to refer to only signed files and drop apphost.exe from the nuget by @jevansaks in microsoft/CsWin32#1489 **Full Changelog**: microsoft/CsWin32@v0.3.213...v0.3.217 ## 0.3.213 ## What's Changed * Retarget to roslyn for VS 2022 Update 14 by @AArnott in microsoft/CsWin32#1466 * .NET targeting projects should reference `Microsoft.Windows.SDK.NET.Ref` instead by @AArnott in microsoft/CsWin32#1471 * Update win32metadata version to 65.0.8-preview by @jevansaks in microsoft/CsWin32#1469 * Update dependency Microsoft.Build.NoTargets to 3.7.134 by @renovate[bot] in microsoft/CsWin32#1461 **Full Changelog**: microsoft/CsWin32@v0.3.205...v0.3.213 Commits viewable in [compare view](microsoft/CsWin32@v0.3.205...v0.3.228). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Oct 27, 2025
This was referenced Oct 27, 2025
Closed
Bump Microsoft.Windows.CsWin32 from 0.3.217 to 0.3.231
nefarius/Nefarius.Utilities.WindowsVersion#23
Closed
Bump Microsoft.Windows.CsWin32 from 0.3.213 to 0.3.235
progressonderwijs/ProgressOnderwijsUtils#1195
Closed
Closed
Bump Microsoft.Windows.CsWin32 from 0.3.213 to 0.3.236
progressonderwijs/ProgressOnderwijsUtils#1196
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Code generator assumes the array returned from ArrayPool is exactly the size requested, but in reality it can be larger, resulting in freeing uninitialized GCHandles which throws.
Fix this by switching to for loop instead of foreach.
Fixes #1421.