OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-01 01:00:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add advisory for windows (#1177)

Browse Source
This commit is contained in:
Konrad Borowski
2022-02-04 16:00:05 +01:00
committed by GitHub
parent 9da1eb7ef4
commit 989da55082
1 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
crates/windows/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,23 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "windows"
date = "2022-01-02"
url = "https://github.com/microsoft/windows-rs/issues/1409"
categories = ["memory-corruption", "thread-safety"]
keywords = []
informational = "unsound"
[versions]
patched = [">= 0.32.0"]
unaffected = ["< 0.1.2"]
[affected]
os = ["windows"]
```
# Delegate functions are missing `Send` bound
Affected versions of this crate did not require event handlers to have `Send` bound despite there being no guarantee of them being called on any particular thread, which can potentially lead to data races and undefined behavior.
The flaw was corrected in commit [afe3252](https://github.com/microsoft/windows-rs/commit/afe32525c22209aa8f632a0f4ad607863b51796a) by adding `Send` bounds.