From 84b7ddd2806915c5964d34d4e6f65457970dbeae Mon Sep 17 00:00:00 2001 From: Nugine Date: Sun, 12 Mar 2023 14:51:05 +0800 Subject: [PATCH] `out_reference::Out::from_raw` should be `unsafe` (#1627) * `out_reference::Out::from_raw` should be `unsafe` * Update crates/out-reference/RUSTSEC-0000-0000.md Adjust date when it was reported * Minor fix --------- Co-authored-by: pinkforest(she/her) <36498018+pinkforest@users.noreply.github.com> --- crates/out-reference/RUSTSEC-0000-0000.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 crates/out-reference/RUSTSEC-0000-0000.md diff --git a/crates/out-reference/RUSTSEC-0000-0000.md b/crates/out-reference/RUSTSEC-0000-0000.md new file mode 100644 index 0000000..a228e13 --- /dev/null +++ b/crates/out-reference/RUSTSEC-0000-0000.md @@ -0,0 +1,23 @@ +```toml +[advisory] +id = "RUSTSEC-0000-0000" +package = "out-reference" +date = "2021-01-20" +url = "https://github.com/RustyYato/out-ref/issues/1" +informational = "unsound" +categories = ["memory-corruption"] +keywords = ["unsound", "raw-pointer"] + +[versions] +patched = [">= 0.2.0"] +unaffected = ["< 0.1.0"] + +[affected.functions] +"out_reference::Out::from_raw" = [">= 0.1.0, < 0.2.0"] +``` + +# `out_reference::Out::from_raw` should be `unsafe` + +`Out::from_raw` in affected versions allows writing a value to invalid memory address without requiring `unsafe`. + +The soundness issue has been addressed by making `Out::from_raw` an unsafe function.
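Review bot: The description line "`Out::from_raw` in affected versions allows writing a value to invalid memory address without requiring `unsafe`." does not say how the invalid address gets there, and it is missing an article ("to an invalid memory address"). Only the `raw-pointer` keyword and the function name hint that the pointer is supplied by the caller. A sentence saying so would let users of the crate judge whether their own calls are exposed. The prose also leaves the version range to the TOML, so consider restating that the function is affected in `>= 0.1.0, < 0.2.0` and that the fix landed in `0.2.0`, matching `[affected.functions]` and `patched`. Since the fix turns a safe function into an `unsafe fn`, it is worth noting that callers upgrading to a patched version will need an `unsafe` block at each call site.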