Add advisory for UB in crossbeam-channel 0.4.3

Taiki Endo
2020-10-11 16:57:44 +09:00
parent 8c4b6b7d43
commit ba83b81ec4

@@ -0,0 +1,15 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "crossbeam-channel"
date = "2020-06-26"
url = "https://github.com/crossbeam-rs/crossbeam/pull/533"
[versions]
patched = [">= 0.4.4"]
unaffected = ["< 0.4.3"]
```
# Undefined Behavior in bounded channel
The affected version of this crate's the `bounded` channel incorrectly assumes that `Vec::from_iter` has allocated capacity that same as the number of iterator elements. `Vec::from_iter` does not actually guarantee that and may allocate extra memory. The destructor of the `bounded` channel reconstructs `Vec` from the raw pointer based on the incorrect assumes described above. This is unsound and causing deallocation with the incorrect capacity when `Vec::from_iter` has allocated different sizes with the number of iterator elements.
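Review bot: the description paragraph under "# Undefined Behavior in bounded channel" is hard to parse in three places: "this crate's the `bounded` channel", "capacity that same as the number of iterator elements", and "based on the incorrect assumes described above". Since this text is what advisory consumers will read, suggest something like "The `bounded` channel in the affected version incorrectly assumes that `Vec::from_iter` allocates capacity equal to the number of iterator elements" and "based on the incorrect assumption described above", and "This is unsound and causes deallocation with the incorrect capacity" in the last sentence. Separately, the `[advisory]` table has no `categories` or `keywords` entries; given that the text describes deallocation with an incorrect capacity, `categories = ["memory-corruption"]` would let tools that filter by category pick this up.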