OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-20 10:31:01 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d8701fad2d40aeca8e8564692f14a8d7c30a5136
advisory-db/crates/vec-const/RUSTSEC-2021-0082.md
Ben Kimock 5335769e4b Update vec-const advisory (#1081)
2021-10-18 00:19:40 +02:00

625 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2021-0082"
package = "vec-const"
date = "2021-08-14"
url = "https://github.com/Eolu/vec-const/issues/1#issuecomment-898908241"
categories = ["memory-corruption"]
keywords = ["memory-safety"]
informational = "unsound"

[versions]
patched = [">= 2.0.0"]

vec-const attempts to construct a Vec from a pointer to a const slice

Affected versions of this crate claimed to construct a const Vec with nonzero length and capacity, but that cannot be done because such a Vec requires a pointer from an allocator.

The implementation was later changed to just construct a std::borrow::Cow.