src: fix OOB reads in process.title getter
The getter passed a stack-allocated, fixed-size buffer to uv_get_process_title() but neglected to check the return value.
When the total length of the command line arguments exceeds the size of the buffer, libuv returns UV_ENOBUFS and doesn't modify the contents of the buffer. The getter then proceeded to return whatever garbage was on the stack at the time of the call, quite possibly reading beyond the end of the buffer.
Add a GetProcessTitle() helper that reads the process title into a dynamically allocated buffer that is resized when necessary.
Fixes: #31631 (closed)
- this is technically a security vulnerability although probably impossible to exploit practically
- the second commit I'm happy to leave out
- there's also a minor libuv bug but this PR is still necessary