diff --git a/src/rt/rust_builtin.cpp b/src/rt/rust_builtin.cpp
index df7b1cfc6d3a..e434138f102c 100644
--- a/src/rt/rust_builtin.cpp
+++ b/src/rt/rust_builtin.cpp
@@ -608,8 +608,12 @@ rust_list_files_ivec(rust_task *task, rust_str *path) {
       closedir(dirp);
   }
 #endif
+  size_t str_ivec_sz =
+      sizeof(size_t)            // fill
+      + sizeof(size_t)          // alloc
+      + sizeof(rust_str *) * 4; // payload
   rust_box *box = (rust_box *)task->malloc(sizeof(rust_box) +
-                                           sizeof(rust_ivec));
+                                           str_ivec_sz);
   box->ref_count = 1;
   rust_ivec *iv = (rust_ivec *)&box->data;
   iv->fill = 0;
diff --git a/src/rt/rust_util.h b/src/rt/rust_util.h
index cf0e4ea20c93..99db357658e5 100644
--- a/src/rt/rust_util.h
+++ b/src/rt/rust_util.h
@@ -202,6 +202,7 @@ rust_ivec_heap
     uint8_t data[];
 };
 
+// Note that the payload is actually size 4*sizeof(elem), even when heapified
 union
 rust_ivec_payload
 {
diff --git a/src/test/run-pass/lib-fs.rs b/src/test/run-pass/lib-fs.rs
index eb57402168f5..8bc8989e5638 100644
--- a/src/test/run-pass/lib-fs.rs
+++ b/src/test/run-pass/lib-fs.rs
@@ -9,4 +9,12 @@ fn test_connect() {
     assert (fs::connect("a" + slash, "b") == "a" + slash + "b");
 }
 
-fn main() { test_connect(); }
\ No newline at end of file
+// Issue #712
+fn test_list_dir_no_invalid_memory_access() {
+  fs::list_dir(".");
+}
+
+fn main() {
+  test_connect();
+  test_list_dir_no_invalid_memory_access();
+}
\ No newline at end of file