OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-20 10:31:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #376 from Qwaz/0013-simple-slab

Browse Source 
simple-slab: `index()` allows out-of-bound read and `remove()` has off-by-one error
This commit is contained in:
Sergey "Shnatsel" Davidoff
2020-09-04 12:10:07 +02:00
committed by GitHub
parent 95868762d3 d2aaa6c1b2
commit 4947069dc8
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
crates/simple-slab/RUSTSEC-0000-0000.toml Normal file
View File

@@ -0,0 +1,12 @@
[advisory]
id = "RUSTSEC-0000-0000"
package = "simple-slab"
date = "2020-09-03"
title = "`index()` allows out-of-bound read and `remove()` has off-by-one error"
url = "https://github.com/nathansizemore/simple-slab/issues/2"
description = """
`Slab::index()` does not perform the boundary checking, which leads to out-of-bound read access. `Slab::remove()` copies an element from an invalid address due to off-by-one error, resulting in memory leakage and uninitialized memory drop.
"""
[versions]
patched = []