From b1160c6794663dfd065b86c3ceea0880fab5119a Mon Sep 17 00:00:00 2001
From: JOE1994 <joseph942010@gmail.com>
Date: Tue, 19 Jan 2021 20:35:12 -0500
Subject: [PATCH] Report 0108-containers to RustSec

---
 crates/containers/RUSTSEC-0000-0000.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 crates/containers/RUSTSEC-0000-0000.md

diff --git a/crates/containers/RUSTSEC-0000-0000.md b/crates/containers/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..bd7dae2
--- /dev/null
+++ b/crates/containers/RUSTSEC-0000-0000.md
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "containers"
+date = "2021-01-12"
+url = "https://github.com/strake/containers.rs/issues/2"
+categories = ["memory-corruption"]
+
+[versions]
+patched = [">= 0.9.11"]
+```
+
+# panic safety: double drop may happen within `util::{mutate, mutate2}`
+
+Upon panic in a user-provided function `f`, `fn mutate()` & `fn mutate2` drops twice a same object.
+
+Affected versions of this crate did not guard against double drop while temporarily duplicating an object's ownership with `ptr::read()`.
+
+Dropping a same object can result in memory corruption.
+
+The flaw was corrected in version "0.9.11" by fixing the code to abort upon panic.