mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-01-07 04:01:35 +01:00
64c17acfe3
As announced in #228, this commit migrates all advisories to the new V2 format, which splits version information into a separate section, and now has a structure which corresponds to the internal code structure of the `rustsec` crate. This is a breaking change for users of `cargo-audit` < 0.9, and anyone who has written a 3rd party advisory format parser.
24 lines
944 B
TOML
24 lines
944 B
TOML
[advisory]
|
|
id = "RUSTSEC-2017-0004"
|
|
package = "base64"
|
|
date = "2017-05-03"
|
|
url = "https://github.com/alicemaz/rust-base64/commit/24ead980daf11ba563e4fb2516187a56a71ad319"
|
|
title = "Integer overflow leads to heap-based buffer overflow in encode_config_buf"
|
|
keywords = ["memory-corruption"]
|
|
aliases = ["CVE-2017-1000430"]
|
|
description = """
|
|
Affected versions of this crate suffered from an integer overflow bug when
|
|
calculating the size of a buffer to use when encoding base64 using the
|
|
`encode_config_buf` and `encode_config` functions. If the input string
|
|
was large, this would cause a buffer to be allocated that was too small.
|
|
Since this function writes to the buffer using unsafe code, it would
|
|
allow an attacker to write beyond the buffer, causing memory corruption
|
|
and possibly the execution of arbitrary code.
|
|
|
|
This flaw was corrected by using checked arithmetic to calculate
|
|
the size of the buffer.
|
|
"""
|
|
|
|
[versions]
|
|
patched = [">= 0.5.2"]
|