mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
24 lines
1.0 KiB
TOML
24 lines
1.0 KiB
TOML
[advisory]
|
|
id = "RUSTSEC-2020-0029"
|
|
package = "rgb"
|
|
date = "2020-06-14"
|
|
title = "Allows viewing and modifying arbitrary structs as bytes"
|
|
url = "https://github.com/kornelski/rust-rgb/issues/35"
|
|
informational = "unsound"
|
|
keywords = ["type confusion"]
|
|
description = """
|
|
Affected versions of rgb crate allow viewing and modifying data of any type `T` wrapped in `RGB<T>` as bytes,
|
|
and do not correctly constrain `RGB<T>` and other wrapper structures to the types for which it is safe to do so.
|
|
|
|
Safety violation possible for a type wrapped in `RGB<T>` and similar wrapper structures:
|
|
|
|
* If `T` contains padding, viewing it as bytes may lead to exposure of contents of uninitialized memory.
|
|
* If `T` contains a pointer, modifying it as bytes may lead to dereferencing of arbitrary pointers.
|
|
* Any safety and/or validity invariants for `T` may be violated.
|
|
|
|
The issue was resolved by requiring all types wrapped in structures provided by RGB crate to implement an unsafe marker trait.
|
|
"""
|
|
[versions]
|
|
patched = [">= 0.8.20"]
|
|
unaffected = ["< 0.5.4"]
|