OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 16:24:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

improve summary

Browse Source
This commit is contained in:
Sergey "Shnatsel" Davidoff
2019-07-07 18:45:21 +02:00
committed by GitHub
parent 6714149494
commit 5eacb752b4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/libflate/RUSTSEC-0000-0000.toml
View File

@@ -2,7 +2,7 @@
id = "RUSTSEC-0000-0000"
package = "libflate"
date = "2019-07-04"
title = "MultiDecoder::read() drops uninitialized memory of arbitrary type if client code panics"
title = "MultiDecoder::read() drops uninitialized memory of arbitrary type on panic in client code"
description = """
Affected versions of libflate have set a field of an internal structure with a generic type to an uninitialized value in `MultiDecoder::read()` and reverted it to the original value after the function completed. However, execution of `MultiDecoder::read()` could be interrupted by a panic in caller-supplied `Read` implementation. This would cause `drop()` to be called on uninitialized memory of a generic type implementing `Read`.