OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Copyedit RUSTSEC-2021-0122 (#1269)

Browse Source 
Apply some copyedits to the text introduced by #1268.  Add a missing
comma; inflect "be" better; and use normal quotation marks rather than
backticks around the word "safe", referring to Safe Rust, as, unlike
`unsafe`, "safe" is not Rust syntax.
This commit is contained in:
8573
2022-06-25 05:06:03 -07:00
committed by GitHub
parent 9e0c88bd78
commit 7381319981
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crates/flatbuffers/RUSTSEC-2021-0122.md
View File

@@ -15,9 +15,9 @@ patched = []
Code generated by flatbuffers' compiler is `unsafe` but not marked as such.
See https://github.com/google/flatbuffers/issues/6627 for details.
For example, if generated code is used to decode malformed or untrusted input
undefined behavior (and thus security vulnerabilities) are possible even without
the use of the `unsafe` keyword, [violating the the meaning of `safe`](https://doc.rust-lang.org/std/keyword.unsafe.html#the-different-meanings-of-unsafe) code;
For example, if generated code is used to decode malformed or untrusted input,
undefined behavior (and thus security vulnerabilities) is possible even without
the use of the `unsafe` keyword, [violating the the meaning of "safe"](https://doc.rust-lang.org/std/keyword.unsafe.html#the-different-meanings-of-unsafe) code;
All users that use generated code by `flatbuffers` compiler are recommended to:
1. not expose flatbuffer generated code as part of their public APIs