advisory-db/crates/futures-util/RUSTSEC-2020-0059.md
github-actions[bot] 9cd2504f39 Assigned RUSTSEC-2020-0059 to futures-util (#456)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2020-10-30 19:55:47 -04:00

[advisory]
id = "RUSTSEC-2020-0059"
package = "futures-util"
date = "2020-10-22"
url = "https://github.com/rust-lang/futures-rs/issues/2239"
categories = ["memory-corruption"]
keywords = ["concurrency", "memory-corruption", "memory-management"]

[affected]
functions = { "futures_util::lock::MutexGuard::map" = [">= 0.3.2"] }

[versions]
patched = [">= 0.3.7"]
unaffected = ["< 0.3.2"]

MutexGuard::map can cause a data race in safe code

Affected versions of the crate had a Send/Sync implementation for MappedMutexGuard that only considered variance on T, while MappedMutexGuard dereferenced to U.

This could have led to data races in safe Rust code when a closure passed to MutexGuard::map() returns a U that is unrelated to T.

The issue was fixed by correcting the Send and Sync implementations, and by adding a PhantomData<&'a mut U> marker to the MappedMutexGuard type to tell the compiler that the guard is over U too.
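The difference between the two bound patterns can be checked at compile time. The following is an added example, not code from futures-util: WeakGuard, FixedGuard, Probe and Fallback are hypothetical names for a toy model of a mapped guard, and the probe reports whether each guard type is Send or Sync for a given U.

```rust
use std::{cell::Cell, marker::PhantomData, rc::Rc};

// Toy model (not the futures-util source): a guard mapped from a lock over T
// that dereferences to U through a raw pointer.
#[allow(dead_code)]
pub struct WeakGuard<'a, T: ?Sized, U: ?Sized> {
    lock: PhantomData<&'a T>, // stands in for the reference to the mutex
    value: *mut U,
}
// Flawed pattern described in the advisory: the bounds mention T only.
unsafe impl<T: ?Sized + Send, U: ?Sized> Send for WeakGuard<'_, T, U> {}
unsafe impl<T: ?Sized + Sync, U: ?Sized> Sync for WeakGuard<'_, T, U> {}

#[allow(dead_code)]
pub struct FixedGuard<'a, T: ?Sized, U: ?Sized> {
    lock: PhantomData<&'a T>,
    value: *mut U,
    _marker: PhantomData<&'a mut U>, // marker named in the advisory's fix
}
// Corrected pattern: U must satisfy the same bound as T.
unsafe impl<T: ?Sized + Send, U: ?Sized + Send> Send for FixedGuard<'_, T, U> {}
unsafe impl<T: ?Sized + Sync, U: ?Sized + Sync> Sync for FixedGuard<'_, T, U> {}

// Compile-time probe: the inherent constant is chosen when the bound holds,
// otherwise resolution falls back to the trait default (false).
#[allow(dead_code)]
struct Probe<X: ?Sized>(PhantomData<X>);
trait Fallback { const SEND: bool = false; const SYNC: bool = false; }
impl<X: ?Sized> Fallback for X {}
impl<X: ?Sized + Send> Probe<X> { const SEND: bool = true; }
impl<X: ?Sized + Sync> Probe<X> { const SYNC: bool = true; }

// Lock contents are u32 (Send + Sync); only the mapped type U varies.
type L = u32;
pub fn weak_sync_over_cell() -> bool { <Probe<WeakGuard<'static, L, Cell<u8>>>>::SYNC }
pub fn fixed_sync_over_cell() -> bool { <Probe<FixedGuard<'static, L, Cell<u8>>>>::SYNC }
pub fn weak_send_over_rc() -> bool { <Probe<WeakGuard<'static, L, Rc<u8>>>>::SEND }
pub fn fixed_send_over_rc() -> bool { <Probe<FixedGuard<'static, L, Rc<u8>>>>::SEND }
pub fn fixed_sync_over_u8() -> bool { <Probe<FixedGuard<'static, L, u8>>>::SYNC }
pub fn fixed_send_over_u8() -> bool { <Probe<FixedGuard<'static, L, u8>>>::SEND }

fn main() {
    println!("weak  Sync over Cell<u8>: {}", weak_sync_over_cell());
    println!("fixed Sync over Cell<u8>: {}", fixed_sync_over_cell());
    println!("weak  Send over Rc<u8>:   {}", weak_send_over_rc());
    println!("fixed Send over Rc<u8>:   {}", fixed_send_over_rc());
}
```

The same probe can be pointed at any wrapper type with hand-written Send/Sync impls to confirm that every type it dereferences to appears in the bounds.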