fix: resolve clippy lints in win-api-wrappers for strict enforcement (#1563)

Author: Copilot

.gitignore

@@ -7,4 +7,4 @@ obj/
 /output/
 /config/
 *.DotSettings
-.angular
+.angular

crates/win-api-wrappers/src/fs.rs

@@ -25,7 +25,12 @@ pub fn get_system32_path() -> anyhow::Result<String> {
     // SAFETY:
     // - `buffer.as_mut_ptr()` gives a valid writable pointer for MAX_PATH u16s.
     // - `GetSystemDirectoryW` expects a valid mutable wide string buffer.
-    let len = unsafe { GetSystemDirectoryW(Some(std::slice::from_raw_parts_mut(buffer.as_mut_ptr(), buffer.len()))) };
+    let len = {
+        // SAFETY: We construct a valid slice from the buffer.
+        let slice = unsafe { std::slice::from_raw_parts_mut(buffer.as_mut_ptr(), buffer.len()) };
+        // SAFETY: slice is a valid mutable wide string buffer.
+        unsafe { GetSystemDirectoryW(Some(slice)) }
+    };
 
     if len == 0 {
         anyhow::bail!("GetSystemDirectoryW failed");

crates/win-api-wrappers/src/identity/account.rs

@@ -376,6 +376,7 @@ pub fn enumerate_account_rights(sid: &Sid) -> anyhow::Result<Vec<U16CString>> {
 
     if open_policy_status.is_err() {
         // Convert NTSTATUS to a Win32 error code and return as an error
+        // SAFETY: LsaNtStatusToWinError is always safe to call with any NTSTATUS value.
         let error_code = unsafe { Identity::LsaNtStatusToWinError(open_policy_status) };
         let error_code = WIN32_ERROR(error_code);
 
@@ -387,12 +388,14 @@ pub fn enumerate_account_rights(sid: &Sid) -> anyhow::Result<Vec<U16CString>> {
     let mut rights = ScopeGuard::new(ptr::null_mut::<Identity::LSA_UNICODE_STRING>(), |ptr| {
         if !ptr.is_null() {
             // FIXME: maybe we should log the error here.
+            // SAFETY: ptr is a valid pointer returned by LsaEnumerateAccountRights.
             let _ = unsafe { Identity::LsaFreeMemory(Some(ptr as *const std::ffi::c_void)) };
         }
     });
 
     let mut rights_count: u32 = 0;
 
+    // SAFETY: We pass valid pointers and policy_handle was obtained from LsaOpenPolicy.
     let enum_status = unsafe {
         Identity::LsaEnumerateAccountRights(
             *policy_handle.as_ref(),
@@ -407,6 +410,7 @@ pub fn enumerate_account_rights(sid: &Sid) -> anyhow::Result<Vec<U16CString>> {
         Vec::new()
     } else if enum_status.is_err() {
         // Convert NTSTATUS to a Win32 error code and return as an error
+        // SAFETY: LsaNtStatusToWinError is always safe to call with any NTSTATUS value.
         let error_code = unsafe { Identity::LsaNtStatusToWinError(enum_status) };
         let error_code = WIN32_ERROR(error_code);
 

crates/win-api-wrappers/src/netmgmt.rs

@@ -101,6 +101,11 @@ pub fn get_local_group_members(group_name: &U16CStr) -> anyhow::Result<Vec<Sid>>
     // - `NetLocalGroupGetMembers` sets `group_members` to a valid pointer on success.
     // - `group_members` must be freed by `NetApiBufferFree`.
     // - For level = 0, bufptr will be set to a pointer to a LOCALGROUP_MEMBERS_INFO_0.
+    // - NetLocalGroupGetMembers returns a properly aligned pointer for LOCALGROUP_MEMBERS_INFO_0.
+    #[expect(
+        clippy::cast_ptr_alignment,
+        reason = "NetLocalGroupGetMembers guarantees proper alignment"
+    )]
     let group_members = unsafe { NetmgmtMemory::from_raw(group_members.cast::<LOCALGROUP_MEMBERS_INFO_0>()) };
 
     // SAFETY:

crates/win-api-wrappers/src/process.rs

@@ -671,10 +671,10 @@ impl Drop for ProcessEnvironment {
             // SAFETY: `ProcessEnvironment` is a private enum, and we ensured that `block` will only
             // ever hold pointers returned by `CreateEnvironmentBlock` in the current module.
             unsafe {
-                if !block.is_null() {
-                    if let Err(error) = DestroyEnvironmentBlock(*block) {
-                        warn!(%error, "Failed to destroy environment block");
-                    }
+                if !block.is_null()
+                    && let Err(error) = DestroyEnvironmentBlock(*block)
+                {
+                    warn!(%error, "Failed to destroy environment block");
                 }
             };
         }

crates/win-api-wrappers/src/rpc.rs

@@ -118,6 +118,7 @@ pub struct RpcServerInterfacePointer {
     pub raw: &'static RPC_SERVER_INTERFACE,
 }
 
+// SAFETY: RpcServerInterfacePointer only contains a static reference, which is safe to send across threads.
 unsafe impl Send for RpcServerInterfacePointer {}
 
 impl RpcServerInterfacePointer {

crates/win-api-wrappers/src/token.rs

@@ -95,7 +95,7 @@ impl Token {
         let sqos = SECURITY_QUALITY_OF_SERVICE {
             Length: u32size_of::<SECURITY_QUALITY_OF_SERVICE>(),
             ImpersonationLevel: SecurityImpersonation,
-            ContextTrackingMode: Security::SECURITY_DYNAMIC_TRACKING as u8,
+            ContextTrackingMode: u8::from(Security::SECURITY_DYNAMIC_TRACKING),
             EffectiveOnly: false,
         };
 

crates/win-api-wrappers/src/utils.rs

@@ -258,25 +258,19 @@ impl CommandLine {
                             if chars.peek().is_some() {
                                 backslashes += 1
                             } else {
-                                std::iter::repeat('\\')
-                                    .take(backslashes * 2)
-                                    .for_each(|x| command_line.push(x));
+                                std::iter::repeat_n('\\', backslashes * 2).for_each(|x| command_line.push(x));
 
                                 backslashes = 0;
                             }
                         }
                         '"' => {
-                            std::iter::repeat('\\')
-                                .take(backslashes * 2 + 1)
-                                .for_each(|x| command_line.push(x));
+                            std::iter::repeat_n('\\', backslashes * 2 + 1).for_each(|x| command_line.push(x));
 
                             command_line.push('"');
                             backslashes = 0;
                         }
                         x => {
-                            std::iter::repeat('\\')
-                                .take(backslashes)
-                                .for_each(|x| command_line.push(x));
+                            std::iter::repeat_n('\\', backslashes).for_each(|x| command_line.push(x));
 
                             command_line.push(x);
                             backslashes = 0;

crates/win-api-wrappers/src/wts.rs

@@ -217,9 +217,9 @@ pub fn send_message_to_session(
             Some(WTS_CURRENT_SERVER_HANDLE),
             session_id,
             title.as_pcwstr(),
-            (title.0.unwrap().len() * size_of_val(&0u16)).try_into()?,
+            (title.0.expect("title buffer is always Some").len() * size_of_val(&0u16)).try_into()?,
             message.as_pcwstr(),
-            (message.0.unwrap().len() * size_of_val(&0u16)).try_into()?,
+            (message.0.expect("message buffer is always Some").len() * size_of_val(&0u16)).try_into()?,
             windows::Win32::UI::WindowsAndMessaging::MB_SYSTEMMODAL
                 | windows::Win32::UI::WindowsAndMessaging::MB_SETFOREGROUND,
             timeout_in_seconds,