From 2a867650cb5039d5cd85ae0fe8bdea8e28d59601 Mon Sep 17 00:00:00 2001
From: Simonas Kazlauskas
Date: Sun, 20 Oct 2019 17:59:05 +0300
Subject: [PATCH] Add a flatbuffers unsound code advisory

---
 crates/flatbuffers/RUSTSEC-2019-0024.toml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 crates/flatbuffers/RUSTSEC-2019-0024.toml

diff --git a/crates/flatbuffers/RUSTSEC-2019-0024.toml b/crates/flatbuffers/RUSTSEC-2019-0024.toml
new file mode 100644
index 0000000..571cbe7
--- /dev/null
+++ b/crates/flatbuffers/RUSTSEC-2019-0024.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "flatbuffers"
+patched_versions = []
+unaffected_versions = ["< 0.4.0"]
+date = "2019-10-20"
+url = "https://github.com/google/flatbuffers/issues/5530"
+title = "Unsound `impl Follow for bool`"
+description = """
+The implementation of `impl Follow for bool` allows to reinterpret arbitrary bytes as a `bool`.
+
+In Rust `bool` has stringent requirements for its in-memory representation. Use of this function
+allows to violate these requirements and invoke undefined behaviour in safe code.
+"""
+
+[affected]
+functions = { "flatbuffers::Follow::follow" = [">= 0.4.0", "<= 0.6.0"] }
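Review bot: The `id` line still carries the placeholder `RUSTSEC-0000-0000` while the file is created as `crates/flatbuffers/RUSTSEC-2019-0024.toml`, so the advisory's identifier disagrees with its own path; if the number in the path is the assigned one, the line should read `id = "RUSTSEC-2019-0024"`. The version data also looks inconsistent: `patched_versions = []` states that no fixed release exists, yet the `[affected]` entry caps the vulnerable `flatbuffers::Follow::follow` range at `<= 0.6.0`, which a reader will take to mean that releases after 0.6.0 are not affected. If 0.6.0 is simply the newest release at the time of writing, the description should say so; if a fixed release exists, it belongs in `patched_versions` so tooling can recommend an upgrade. A sentence in the description noting that the undefined behaviour is reached when a `bool` field is read from a buffer whose byte is neither 0 nor 1 (for example malformed or untrusted input) would help consumers judge their exposure.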