From 8c9978e15da481ad3f60219c2c0f2ae661a8ff20 Mon Sep 17 00:00:00 2001 From: JOE1994 Date: Wed, 27 Jan 2021 10:31:15 -0500 Subject: [PATCH] Report 0113-marc to RustSec --- crates/marc/RUSTSEC-0000-0000.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 crates/marc/RUSTSEC-0000-0000.md diff --git a/crates/marc/RUSTSEC-0000-0000.md b/crates/marc/RUSTSEC-0000-0000.md new file mode 100644 index 0000000..0fee85f --- /dev/null +++ b/crates/marc/RUSTSEC-0000-0000.md @@ -0,0 +1,20 @@ +```toml +[advisory] +id = "RUSTSEC-0000-0000" +package = "marc" +date = "2021-01-26" +url = "https://github.com/blackbeam/rust-marc/issues/7" +categories = ["memory-exposure"] + +[versions] +patched = [">= 2.0.0"] +``` + +# Record::read : Custom `Read` on uninitialized buffer may cause UB + +Affected versions of this crate passes an uninitialized buffer to a user-provided `Read` implementation. (`Record::read()`) + +Arbitrary `Read` implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the buffer. +Reading from uninitialized memory produces undefined values that can quickly invoke undefined behavior. + +This flaw was fixed in commit 6299af0 by zero-initializing the newly allocated memory (via `data.resize(len, 0)`) instead of exposing uninitialized memory (`unsafe { data.set_len(len) }`).