diff --git a/apps/desktop/desktop_native/win_webauthn/src/plugin/types.rs b/apps/desktop/desktop_native/win_webauthn/src/plugin/types.rs index cffd0136248..f20f6945c91 100644 --- a/apps/desktop/desktop_native/win_webauthn/src/plugin/types.rs +++ b/apps/desktop/desktop_native/win_webauthn/src/plugin/types.rs @@ -392,11 +392,11 @@ impl TryFrom> for PluginMakeCredentia inner: registration_request as *const WEBAUTHN_CTAPCBOR_MAKE_CREDENTIAL_REQUEST, window_handle: request.hWnd, transaction_id: request.transactionId, - request_signature: Vec::from_raw_parts( + request_signature: std::slice::from_raw_parts( request.pbRequestSignature, request.cbEncodedRequest as usize, - request.cbEncodedRequest as usize, - ), + ) + .to_vec(), }) } } @@ -515,9 +515,9 @@ impl PluginMakeCredentialResponse { "Received null pointer from WebAuthNEncodeMakeCredentialResponse", )); } - let response = unsafe { - Vec::from_raw_parts(response_ptr, response_len as usize, response_len as usize) - }; + // SAFETY: Windows returned successful response code, so we assume that the pointer and length are valid. + let response = + unsafe { std::slice::from_raw_parts(response_ptr, response_len as usize).to_vec() }; Ok(response) } @@ -747,11 +747,11 @@ impl TryFrom> for PluginGetAssertionR inner: assertion_request as *const WEBAUTHN_CTAPCBOR_GET_ASSERTION_REQUEST, window_handle: request.hWnd, transaction_id: request.transactionId, - request_signature: Vec::from_raw_parts( + request_signature: std::slice::from_raw_parts( request.pbRequestSignature, request.cbEncodedRequest as usize, - request.cbEncodedRequest as usize, - ), + ) + .to_vec(), }) } }