OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
84b7ddd2806915c5964d34d4e6f65457970dbeae
advisory-db/crates/out-reference/RUSTSEC-0000-0000.md
Nugine 84b7ddd280 out_reference::Out::from_raw should be unsafe (#1627) 
* `out_reference::Out::from_raw` should be `unsafe`

* Update crates/out-reference/RUSTSEC-0000-0000.md

Adjust date when it was reported

* Minor fix

---------

Co-authored-by: pinkforest(she/her) <36498018+pinkforest@users.noreply.github.com>
2023-03-12 17:51:05 +11:00

638 B
Raw Blame History 

[advisory]
id = "RUSTSEC-0000-0000"
package = "out-reference"
date = "2021-01-20"
url = "https://github.com/RustyYato/out-ref/issues/1"
informational = "unsound"
categories = ["memory-corruption"]
keywords = ["unsound", "raw-pointer"]

[versions]
patched = [">= 0.2.0"]
unaffected = ["< 0.1.0"]

[affected.functions]
"out_reference::Out::from_raw" = [">= 0.1.0, < 0.2.0"]

out_reference::Out::from_raw should be unsafe

Out::from_raw in affected versions allows writing a value to invalid memory address without requiring unsafe.

The soundness issue has been addressed by making Out::from_raw an unsafe function.