OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 00:03:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #873 from RustSec/master

Browse Source 
Mirror algorithmica advisory to `main`
This commit is contained in:
Sergey "Shnatsel" Davidoff
2021-04-15 18:55:02 +02:00
committed by GitHub
parent 22b59ea8a3 c9b5bbd2f4
commit 0e059ec673
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crates/algorithmica/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "algorithmica"
date = "2021-03-07"
url = "https://github.com/AbrarNitk/algorithmica/issues/1"
categories = ["memory-corruption"]
[versions]
patched = []
```
# 'merge_sort::merge()' crashes with double-free for `T: Drop`
In the affected versions of this crate, `merge_sort::merge()` wildly duplicates and drops ownership of `T` without guarding against double-free. Due to such implementation,
simply invoking `merge_sort::merge()` on `Vec<T: Drop>` can cause **double free** bugs.