OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 08:13:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

out_reference::Out::from_raw should be unsafe (#1627)

Browse Source 
* `out_reference::Out::from_raw` should be `unsafe`

* Update crates/out-reference/RUSTSEC-0000-0000.md

Adjust date when it was reported

* Minor fix

---------

Co-authored-by: pinkforest(she/her) <36498018+pinkforest@users.noreply.github.com>
This commit is contained in:
Nugine
2023-03-12 14:51:05 +08:00
committed by GitHub
parent ffe539ba4d
commit 84b7ddd280
1 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
crates/out-reference/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,23 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "out-reference"
date = "2021-01-20"
url = "https://github.com/RustyYato/out-ref/issues/1"
informational = "unsound"
categories = ["memory-corruption"]
keywords = ["unsound", "raw-pointer"]
[versions]
patched = [">= 0.2.0"]
unaffected = ["< 0.1.0"]
[affected.functions]
"out_reference::Out::from_raw" = [">= 0.1.0, < 0.2.0"]
```
# `out_reference::Out::from_raw` should be `unsafe`
`Out::from_raw` in affected versions allows writing a value to invalid memory address without requiring `unsafe`.
The soundness issue has been addressed by making `Out::from_raw` an unsafe function.