Undefined behavior in Rand (#149)

Co-authored-by: Ralf Jung <post@ralfj.de>
Co-authored-by: Tony Arcieri <bascule@gmail.com>
Vinzent Steinberg
2020-07-24 19:00:19 +02:00
committed by GitHub
parent ce0b60265d
commit 6d238619b6


@@ -0,0 +1,20 @@
[advisory]
id = "RUSTSEC-0000-0000"
package = "rand_core"
date = "2019-04-19"
informational = "unsound"
title = "Unaligned memory access"
description = """
Affected versions of this crate violated alignment when casting byte slices to
integer slices, resulting in undefined behavior.
The flaw was corrected by Ralf Jung and Diggory Hardy.
"""
url = "https://github.com/rust-random/rand/blob/master/rand_core/CHANGELOG.md#050---2019-06-06"
[affected.functions]
"rand_core::BlockRng::next_u64" = ["< 0.4.2"]
"rand_core::BlockRng::fill_bytes" = ["< 0.4.2"]
[versions]
patched = [">= 0.4.2"]
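Review bot: The `url` points at the changelog's 0.5.0 entry (`#050---2019-06-06`), while `patched` and both `[affected.functions]` ranges name 0.4.2 and `date` is 2019-04-19, so a reader who follows the link lands on a different release than the one listed as the fix. If the fix was backported to 0.4.2, the description should say so, for example by adding `The fix is available in rand_core 0.4.2 and later.`, or the link should target the 0.4.2 entry if the changelog has one. The description also never names the two functions listed under `[affected.functions]`; naming them there lets someone triaging an audit warning check their own call sites without opening the TOML. Because no `unaffected` range is given, every release below 0.4.2 is reported, so it is worth confirming that the unaligned cast is present in all of them.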