OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-06 19:49:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d8701fad2d40aeca8e8564692f14a8d7c30a5136
advisory-db/crates/model/RUSTSEC-2020-0140.md
Alexander Kjäll f494f83f8e add missing cve info to advisories (#1077) 
looks like RUSTSEC-2020-0036 might be a special case, someone got a cve for that the crate is unmaintained
2021-10-14 21:53:11 +02:00

871 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0140"
package = "model"
date = "2020-11-10"
url = "https://github.com/spacejam/model/issues/3"
categories = ["thread-safety"]
informational = "unsound"
aliases = ["CVE-2020-36460"]

[versions]
patched = []

Shared can cause a data race

Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust.

Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and care must be taken so that the testing code does not have a data race besides a race condition that is expected to be caught by the test.

Check the Rustonomicon for the difference between a data race and a general race condition.