mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00

Files

Yechan Bae b724f12a5b Update CVE numbers (#777 )

* Update CVE numbers

* Fix RUSTSEC-2020-0093

* Add another alias for async-h1 crate

2021-02-25 20:00:25 -05:00

867 B

Raw Blame History

[advisory]
id = "RUSTSEC-2021-0018"
package = "qwutils"
aliases = ["CVE-2021-26954"]
date = "2021-02-03"
url = "https://github.com/qwertz19281/rust_utils/issues/3"
categories = ["memory-corruption"]
keywords = ["memory-safety", "double-free"]

[versions]
patched = [">= 0.3.1"]

[affected]
functions = { "qwutils::imp::vec::VecExt::insert_slice_clone" = ["< 0.3.1"] }

insert_slice_clone can double drop if Clone panics.

Affected versions of this crate used ptr::copy when inserting into the middle of a Vec. When ownership was temporarily duplicated during this copy, it calls the clone method of a user provided element.

This issue can result in an element being double-freed if the clone call panics.

Commit 20cb73d fixed this issue by adding a set_len(0) call before operating on the vector to avoid dropping the elements during a panic.

867 B Raw Blame History

insert_slice_clone can double drop if Clone panics.

867 B

Raw Blame History