mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-01-08 04:27:11 +01:00
15 lines
657 B
TOML
15 lines
657 B
TOML
[advisory]
|
|
id = "RUSTSEC-2019-0011"
|
|
package = "memoffset"
|
|
date = "2019-07-16"
|
|
title = "Flaw in offset_of and span_of causes SIGILL, drops uninitialized memory of arbitrary type on panic in client code"
|
|
description = """
|
|
Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references.
|
|
They also could lead to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic.
|
|
|
|
The flaw was corrected by using `MaybeUninit`.
|
|
"""
|
|
|
|
patched_versions = [">= 0.5.0"]
|
|
url = "https://github.com/Gilnaa/memoffset/issues/9#issuecomment-505461490"
|