OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/lmdb-rs/RUSTSEC-2023-0047.md
Alexis Mousset 98e8483ac1 Update aliases from GHSA OSV export (#1734)
2023-07-29 19:20:00 +02:00

17 lines
638 B
Markdown
Raw Permalink Blame History

```toml
[advisory]
id = "RUSTSEC-2023-0047"
package = "lmdb-rs"
date = "2023-06-26"
informational = "unsound"
url = "https://github.com/vhbit/lmdb-rs/issues/67"
keywords = ["unsound"]
aliases = ["GHSA-f9g6-fp84-fv92"]
[versions]
patched = []
```
# impl `FromMdbValue` for bool is unsound
The implementation of `FromMdbValue` have several unsoundness issues. First of all, it allows to reinterpret arbitrary bytes as a bool and could make undefined behavior happen with safe function. Secondly, it allows transmuting pointer without taking memory layout into consideration. The details of reproducing the bug were included in url above.
Reference in New Issue View Git Blame Copy Permalink