RUSTSEC-2020-0041: Multiple soundness issues in Chunk and InlineArray #7

github-actions · 2020-11-29T00:47:27Z

Multiple soundness issues in Chunk and InlineArray

Chunk:

Array size is not checked when constructed with unit() and pair().
Array size is not checked when constructed with From<InlineArray<A, T>>.
Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.

InlineArray:

See advisory page for additional details.

The text was updated successfully, but these errors were encountered:

vorner · 2020-11-29T08:23:04Z

Known, but no migration path available right now :-(. The maintainer seems unresponsive.

Though it seems that the way it is used, these issues are not triggered and the problem is more in the sense „If someone used the crate directly…“

Keeping it open until this gets resolved, though.

Closes #7.

vorner closed this as completed Nov 29, 2020

vorner reopened this Nov 29, 2020

vorner added a commit that referenced this issue Feb 15, 2021

Version updates

b66664a

Closes #7.

vorner mentioned this issue Feb 15, 2021

Version updates #16

Merged

vorner closed this as completed in #16 Feb 15, 2021

Provide feedback