From 484d0022136e3dc1bb2620859fe88a390b836e74 Mon Sep 17 00:00:00 2001
From: Yechan Bae
Date: Mon, 31 Aug 2020 17:14:55 -0400
Subject: [PATCH] Initial report for 0010-crayon
---
crates/crayon/RUSTSEC-0000-0000.toml | 13 +++++++++++++
1 file changed, 13 insertions(+)
create mode 100644 crates/crayon/RUSTSEC-0000-0000.toml
diff --git a/crates/crayon/RUSTSEC-0000-0000.toml b/crates/crayon/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..ad4f6ab
--- /dev/null
+++ b/crates/crayon/RUSTSEC-0000-0000.toml
@@ -0,0 +1,13 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "crayon"
+date = "2020-08-31"
+informational = "unsound"
+title = "Misbehaving `HandleLike` implementation can lead to memory safety violation"
+url = "https://github.com/shawnscode/crayon/issues/87"
+description = """
+Unsafe code in `ObjectPool` has time-of-check to time-of-use (TOCTOU) bug that can eventually lead to a memory safety violation. `ObjectPool` and `HandlePool` implicitly assumes that `HandleLike` trait methods are pure, i.e., they always return the same value. However, this assumption is unsound since `HandleLike` is a safe, public trait that allows a custom implementation.
+"""
+
+[versions]
+patched = []
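Review bot: The `[advisory]` table has no `categories` or `keywords`, so consumers that filter advisories by class will not see this one as a memory-safety issue. I would add `categories = ["memory-corruption"]` under `[advisory]`, plus a short `keywords` list. With `patched = []` every release is flagged and there is no upgrade path, so the description should say who is exposed. As written, the problem appears to need a custom `HandleLike` implementation whose methods return inconsistent values; stating that in one sentence, and noting that no fixed release exists yet, would let users of the crate judge their own risk.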