OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-20 18:41:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update the wording of RUSTSEC-2023-0072 (#1831)

Browse Source 
Make the interior mutability issue more clear
This commit is contained in:
Trevor Gross
2023-12-20 17:33:20 -05:00
committed by GitHub
parent 41cc7a12a2
commit dd8913608d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/openssl/RUSTSEC-2023-0072.md
View File

@@ -16,6 +16,6 @@ patched = [">= 0.10.60"]
# `openssl` `X509StoreRef::objects` is unsound
This function returned a reference into an OpenSSL datastructure, but there was no way to ensure OpenSSL would not mutate the datastructure behind ones back.
This function returned a shared reference into an OpenSSL datastructure but did not account for interior mutability. OpenSSL may modify the data behind this reference, meaning accesses can race and the reference is unsound.
Use of this function should be replaced with `X509StoreRef::all_certificates`.