rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
1d12a1c2e3ca4109d64c3ac684159f891f846141
advisory-db/crates/stb_image/RUSTSEC-2023-0021.md
Alexis Mousset 1d12a1c2e3 Fix typos (#1729)
2023-07-15 15:07:13 +00:00

696 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2023-0021"
package = "stb_image"
date = "2023-03-19"
url = "https://github.com/servo/rust-stb-image/pull/102"
categories = ["memory-corruption"]
keywords = ["NULL-pointer-dereference"]
aliases = ["GHSA-ppjr-267j-5p9x"]

[versions]
patched = [">= 0.2.5"]

NULL pointer dereference in stb_image

A bug in error handling in the stb_image C library could cause a NULL pointer dereference when attempting to load an invalid or unsupported image file. This is fixed in version 0.2.5 and later of the stb_image Rust crate, by patching the C code to correctly handle NULL pointers.

Thank you to GitHub user 0xdd96 for finding and fixing this vulnerability.