Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

linkme is unsound (coercion fools typecheck) #1917

Merged
merged 1 commit into from
Dec 4, 2024
Merged

linkme is unsound (coercion fools typecheck) #1917

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions crates/linkme/RUSTSEC-0000-0000.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "linkme"
date = "2024-03-05"
url = "https://github.com/dtolnay/linkme/issues/82"
informational = "unsound"

[versions]
patched = [">= 0.3.24"]
```

# Fails to ensure slice elements match the slice's declared type

Affected versions allow populating a DistributedSlice of T with elements of an
arbitrary other type that coerces to T. For example, elements of type `&&str`
could end up in a slice of type `[&str]`, since `&&str` coerces to `&str` via a
deref coercion.

The flaw was corrected by implementing typechecking for distributed slice
elements in such a way that coercion no longer occurs. The element's type must
be a subtype of the slice's declared element type.