From 12033122b360588e5f197f8271250d253bfef8c0 Mon Sep 17 00:00:00 2001
From: Jonas Bushart
Date: Fri, 26 Feb 2021 23:50:32 +0100
Subject: [PATCH] heapless: use-after-free when cloning partially consumed Iterator
---
crates/heapless/RUSTSEC-0000-0000.md | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
create mode 100644 crates/heapless/RUSTSEC-0000-0000.md
diff --git a/crates/heapless/RUSTSEC-0000-0000.md b/crates/heapless/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..beff214
--- /dev/null
+++ b/crates/heapless/RUSTSEC-0000-0000.md
@@ -0,0 +1,23 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "heapless"
+date = "2010-11-02"
+url = "https://github.com/japaric/heapless/issues/181"
+categories = ["memory-corruption", "memory-exposure"]
+keywords = ["use-after-free"]
+informational = "unsound"
+
+[affected.functions]
+"heapless::vec::IntoIter::clone" = ["<= 0.6"]
+
+[versions]
+patched = []
+```
+
+# Use-after-free when cloning a partially consumed `Vec` iterator
+
+The `IntoIter` `Clone` implementation clones the whole underlying `Vec`.
+If the iterator is partially consumed the consumed items will be copied, thus creating a use-after-free access.
+
+A proof of concept is available in the original bug report.
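Review bot: The `date = "2010-11-02"` value in the `[advisory]` table looks like a typo, since it is more than ten years earlier than this commit (26 Feb 2021); it should presumably read `date = "2020-11-02"`, to be confirmed against the creation date of the linked issue. Consumers that sort, filter or age advisories by this field would otherwise place the entry wrongly. Separately, `informational = "unsound"` sits alongside `categories = ["memory-corruption", "memory-exposure"]` and `patched = []`; audit tooling commonly reports informational advisories as warnings rather than vulnerabilities, so it is worth confirming that this lower severity is intended for a use-after-free with no patched release.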