memoffset allows reading uninitialized memory

Severity: Moderate (GitHub Reviewed)
Published to the GitHub Advisory Database: Jun 21, 2023
Reviewed: Jun 21, 2023
Last updated: Jun 21, 2023

Description
memoffset allows an attempt to read data from address 0 with an arbitrary type. This is undefined behavior because the bytes at address 0 up to std::mem::size_of::<T>() may not hold a valid bit pattern for T. The old implementation dereferences uninitialized memory obtained from std::mem::align_of. The implementation before that allows using uninitialized data obtained from std::mem::uninitialized with an arbitrary type, then computes the offset by taking the address of a field projection. This may also result in undefined behavior for the "father" (parent) type when it includes, directly or transitively, a type that is not allowed to be uninitialized. This flaw was corrected by using std::ptr::addr_of in Gilnaa/memoffset#50.

References