OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
52b96a91c2f326cfb521bd62ddd62f348ce2fc1b
advisory-db/crates/flatbuffers/RUSTSEC-2020-0009.md
Alexis Mousset 8c05fea5fa Add cvss information from nvd (#1085)
2021-10-19 16:14:35 -06:00

1013 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0009"
package = "flatbuffers"
aliases = ["CVE-2020-35864"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
date = "2020-04-11"
url = "https://github.com/google/flatbuffers/issues/5825"

[affected.functions]
"flatbuffers::read_scalar" = [">= 0.4.0"]
"flatbuffers::read_scalar_at" = [">= 0.4.0"]

[versions]
patched = [">= 2.0.0"]
unaffected = ["< 0.4.0"]

read_scalar and read_scalar_at allow transmuting values without unsafe blocks

The read_scalar and read_scalar_at functions are unsound because they allow transmuting values without unsafe blocks.

The following example shows how to create a dangling reference:

fn main() {
    #[derive(Copy, Clone, PartialEq, Debug)]
    struct S(&'static str);
    impl flatbuffers::EndianScalar for S {
        fn to_little_endian(self) -> Self { self }
        fn from_little_endian(self) -> Self { self }
    }
    println!("{:?}", flatbuffers::read_scalar::<S>(&[1; std::mem::size_of::<S>()]));
}