OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e1e8e92e89fadd9df8dc35e2b35fd7f5cca7d94b
advisory-db/crates/nanorand/RUSTSEC-2021-0114.md
github-actions[bot] f1fc2c3eb0 Assigned RUSTSEC-2021-0114 to nanorand (#1052) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2021-09-23 22:26:20 +02:00

564 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2021-0114"
package = "nanorand"
date = "2021-09-23"
url = "https://github.com/Absolucy/nanorand-rs/issues/28"
keywords = ["memory-safety", "aliasing"]

[versions]
patched = [">= 0.6.1"]
unaffected = ["< 0.5.0"]

[affected]
functions = { "nanorand::tls::tls_rand" = [">= 0.5.0", "<= 0.6.0"] }

Aliased mutable references from tls_rand & TlsWyRand

TlsWyRand's implementation of Deref unconditionally dereferences a raw pointer, and returns multiple mutable references to the same object, which is undefined behavior.