OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-23 20:05:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
01ac699fd5f58db3a0b0cabcf0e5ec596d8420d0
advisory-db/crates/sized-chunks/RUSTSEC-2020-0041.md
Kornel d0689e3724 Fixed sized-chunks
2021-02-14 12:08:19 +00:00

718 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0041"
package = "sized-chunks"
aliases = ["CVE-2020-25791", "CVE-2020-25792", "CVE-2020-25793", "CVE-2020-25794", "CVE-2020-25795", "CVE-2020-25796"]
date = "2020-09-06"
url = "https://github.com/bodil/sized-chunks/issues/11"

[versions]
patched = [">= 0.6.3"]

Multiple soundness issues in Chunk and InlineArray

Chunk:

  • Array size is not checked when constructed with unit() and pair().
  • Array size is not checked when constructed with From<InlineArray<A, T>>.
  • Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.

InlineArray:

  • Generates unaligned references for types with a large alignment requirement.