OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-07 04:01:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9e4db05abcf230899dbe46983bb4b4e76074e637
advisory-db/crates/basic_dsp_matrix/RUSTSEC-2021-0009.md
Yechan Bae b724f12a5b Update CVE numbers (#777) 
* Update CVE numbers

* Fix RUSTSEC-2020-0093

* Add another alias for async-h1 crate
2021-02-25 20:00:25 -05:00

19 lines
723 B
Markdown
Raw Blame History

```toml
[advisory]
id = "RUSTSEC-2021-0009"
package = "basic_dsp_matrix"
aliases = ["CVE-2021-25906"]
date = "2021-01-10"
url = "https://github.com/liebharc/basic_dsp/issues/47"
categories = ["memory-corruption"]
[versions]
patched = [">= 0.9.2"]
```
# panic safety issue in `impl TransformContent<S, D> for [S; (2|3|4)]`
Affected versions of this crate did not guard against double drop while temporarily duplicating objects' ownership using `ptr::read()`. Upon panic in a user-provided function `conversion`, objects that are copied by `ptr::read()` are dropped twice, leading to memory corruption.
The flaw was corrected in v0.9.2 by using `ManuallyDrop<T>` to enclose objects that are to be temporarily duplicated.
Reference in New Issue View Git Blame Copy Permalink