OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
36b8de692c82dda2aefc11faa6d301963bf20ffe
advisory-db/crates/safe-transmute/RUSTSEC-2018-0013.toml
Tony Arcieri 01ac6725d5 Fix all advisories to pass linter 
Mostly related to the `affected_functions` field, which has changed a
few times.
2019-09-09 12:19:01 -07:00

21 lines
797 B
TOML
Raw Blame History

[advisory]
id = "RUSTSEC-2018-0013"
package = "safe-transmute"
date = "2018-11-27"
title = "Vec-to-vec transmutations could lead to heap overflow/corruption"
description = """
Affected versions of this crate switched the length and capacity arguments in the Vec::from_raw_parts() constructor,
which could lead to memory corruption or data leakage.
The flaw was corrected by using the constructor correctly.
"""
patched_versions = [">= 0.10.1"]
unaffected_versions = ["< 0.4.0"]
url = "https://github.com/nabijaczleweli/safe-transmute-rs/pull/36"
keywords = ["memory-corruption"]
# TODO(tarcieri): fix linter to respect crate name
#[affected.functions]
#"safe_transmute::guarded_transmute_vec_permissive" = [">= 0.4.0, <= 0.10.0"]
#"safe_transmute::guarded_transmute_to_bytes_vec" = ["= 0.10.0"]
Reference in New Issue View Git Blame Copy Permalink