impl From<Buffer> for Vec<u8> is unsound #2

Closed
nox opened this issue Jan 1, 2018 · 3 comments

Comments

nox commented Jan 1, 2018

The returned vector is backed by freed memory, because slice is dropped at the end of the function.

sagebind (Owner) commented Jan 2, 2018

Yep I see the problem; good catch!

sagebind self-assigned this Jan 2, 2018
sagebind added the bug (Something is borken) label Jul 6, 2019

Shnatsel commented

This looks like a use-after-free bug, which is typically exploitable. Please file a security advisory at https://github.com/RustSec/advisory-db

I understand this was fixed over a year ago, but please do it anyway for the sake of people who haven't updated their dependencies in a while.

sagebind added the security (A security concern or vulnerability) label Sep 1, 2019

sagebind (Owner) commented Sep 1, 2019

@Shnatsel Sure thing, will do.
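
The bug class reported in this issue, next to a sound conversion, as an added example that is not code from this repository. The `Buffer` layout (`storage`, `len`) and the names `from_bytes`, `into_vec_unsound` and `convert_sample` are hypothetical, and the use of `Vec::from_raw_parts` in the unsound variant is an assumption about how a conversion ends up backed by freed memory.

```rust
/// Hypothetical stand-in for the crate's `Buffer` (fields are assumptions):
/// a boxed byte slice whose first `len` bytes hold data.
pub struct Buffer {
    storage: Box<[u8]>,
    len: usize,
}

impl Buffer {
    /// Constructed helper for the demo: copy `data` into fresh storage.
    pub fn from_bytes(data: &[u8], capacity: usize) -> Buffer {
        let mut storage = vec![0u8; capacity.max(data.len())].into_boxed_slice();
        storage[..data.len()].copy_from_slice(data);
        Buffer { storage, len: data.len() }
    }
}

/// Unsound shape of the reported bug, shown for comparison and never called:
/// `slice` still owns the allocation and frees it when the function returns,
/// so the returned Vec points at freed memory and later frees it again.
#[allow(dead_code)]
fn into_vec_unsound(buffer: Buffer) -> Vec<u8> {
    let mut slice = buffer.storage;
    unsafe { Vec::from_raw_parts(slice.as_mut_ptr(), buffer.len, slice.len()) }
} // <- `slice` is dropped here while the Vec still holds its pointer

// Sound conversion: hand the allocation itself to the Vec using safe APIs.
impl From<Buffer> for Vec<u8> {
    fn from(buffer: Buffer) -> Vec<u8> {
        let len = buffer.len;
        let mut vec = buffer.storage.into_vec(); // moves ownership, no copy
        vec.truncate(len); // keep only the bytes that hold data
        vec
    }
}

/// Round-trips constructed sample data through the sound conversion.
pub fn convert_sample() -> Vec<u8> {
    Buffer::from_bytes(b"ring", 16).into()
}

fn main() {
    println!("{:?}", convert_sample());
}
```

If raw pointers are unavoidable, wrapping the box in `std::mem::ManuallyDrop` before calling `Vec::from_raw_parts` stops the destructor that causes the dangling pointer.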
