rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/out-reference/RUSTSEC-2021-0152.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

672 B
Raw Permalink Blame History 

[advisory]
id = "RUSTSEC-2021-0152"
package = "out-reference"
date = "2021-01-20"
url = "https://github.com/RustyYato/out-ref/issues/1"
informational = "unsound"
categories = ["memory-corruption"]
keywords = ["unsound", "raw-pointer"]
aliases = ["GHSA-p7mj-xvxg-grff"]

[versions]
patched = [">= 0.2.0"]
unaffected = ["< 0.1.0"]

[affected.functions]
"out_reference::Out::from_raw" = [">= 0.1.0, < 0.2.0"]

out_reference::Out::from_raw should be unsafe

Out::from_raw in affected versions allows writing a value to invalid memory address without requiring unsafe.

The soundness issue has been addressed by making Out::from_raw an unsafe function.