Unaligned write in unsafe-libyaml (#1841)

2025-12-27 06:29:31 +01:00 · 2023-12-20 14:32:37 -08:00
parent bc17aeb683
commit 41cc7a12a2
1 changed files with 31 additions and 0 deletions
--- a/crates/unsafe-libyaml/RUSTSEC-0000-0000.md
+++ b/crates/unsafe-libyaml/RUSTSEC-0000-0000.md
@@ -0,0 +1,31 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unsafe-libyaml"
+date = "2023-12-20"
+url = "https://github.com/dtolnay/unsafe-libyaml/issues/21"
+informational = "unsound"
+keywords = ["unaligned-write"]
+
+[versions]
+patched = [">= 0.2.10"]
+```
+
+# Unaligned write of u64 on 32-bit and 16-bit platforms
+
+Affected versions allocate memory using the alignment of `usize` and write data
+to it of type `u64`, without using `core::ptr::write_unaligned`. In platforms
+with sub-64bit alignment for `usize` (including wasm32 and x86) these writes
+are insufficiently aligned some of the time.
+
+If using an ordinary optimized standard library, the bug exhibits Undefined
+Behavior so may or may not behave in any sensible way, depending on
+optimization settings and hardware and other things. If using a Rust standard
+library built with debug assertions enabled, the bug manifests deterministically
+in a crash (non-unwinding panic) saying _"ptr::write requires that the pointer
+argument is aligned and non-null"_.
+
+No 64-bit platform is impacted by the bug.
+
+The flaw was corrected by allocating with adequately high alignment on all
+platforms.