Possible UB in `base_relocs::build`

[cicilzx]

Hi, I found a UB reported by miri.

extern crate pelite;

fn main() {
    let rvas_vec_0 = [1000u32, 1002u32];
    let rvas_slice_2 = &rvas_vec_0;

    let types_vec_0 = [3u8, 3u8];
    let types_slice_2 = &types_vec_0;

    let _ = pelite::base_relocs::build(rvas_slice_2, types_slice_2);
}

I'm using pelite = "0.10.0":

[dependencies]
pelite = "0.10.0"

• OS: Linux x86_64 (Ubuntu)
• Rust toolchain: nightly-2024-12-15

Running the command:

cargo miri run

This is the bug report:

error: Undefined Behavior: accessing memory based on pointer with alignment 1, but alignment 4 is required
   --> .../pelite-0.10.0/src/base_relocs.rs:237:5
    |
237 |                 (*block_ptr).VirtualAddress = start;
    |                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ accessing memory based on pointer with alignment 1, but alignment 4 is required
    |
    = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
    = note: inside closure at .../pelite-0.10.0/src/base_relocs.rs:237:5: 237:40
    = note: inside `pelite::util::extend_in_place::<'_, u8, {closure@pelite::base_relocs::build::{closure#0}}>` at .../pelite-0.10.0/src/util/mod.rs:138:2: 138:90
    = note: inside `pelite::base_relocs::build` at .../pelite-0.10.0/src/base_relocs.rs:234:4: 250:6

My understanding is that build appends raw bytes to a Vec<u8> and then casts the newly added region to *mut IMAGE_BASE_RELOCATION, writing u32 fields through dereferencing. Since Vec<u8> only provides 1-byte alignment, but IMAGE_BASE_RELOCATION (with #[repr(C)] and u32 fields) requires 4-byte alignment, the resulting pointer may be misaligned. Dereferencing such a pointer would be undefined behavior, which Miri appears to detect.

[CasualX]

Thanks, this looks legit.
I haven't been interested in maintenance, sorry. I'll get to it eventually.