From 5534479d2a15704993de97ee12346ca288f1ee4a Mon Sep 17 00:00:00 2001 From: Yechan Bae Date: Sun, 6 Sep 2020 18:05:00 -0400 Subject: [PATCH] Initial report for 0014-sized-chunks --- crates/sized-chunks/RUSTSEC-0000-0000.toml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 crates/sized-chunks/RUSTSEC-0000-0000.toml diff --git a/crates/sized-chunks/RUSTSEC-0000-0000.toml b/crates/sized-chunks/RUSTSEC-0000-0000.toml new file mode 100644 index 000000000..3e9c353d4 --- /dev/null +++ b/crates/sized-chunks/RUSTSEC-0000-0000.toml @@ -0,0 +1,20 @@ +[advisory] +id = "RUSTSEC-0000-0000" +package = "sized-chunks" +date = "2020-09-06" +title = "Multiple soundness issues in Chunk and InlineArray" +url = "https://github.com/bodil/sized-chunks/issues/11" +description = """ +Chunk: + +* Array size is not checked when constructed with `unit()` and `pair()`. +* Array size is not checked when constructed with `From>`. +* `Clone` and `insert_from` are not panic-safe; A panicking iterator causes memory safety issues with them. + +InlineArray: + +* Generates unaligned references for types with a large alignment requirement. +""" + +[versions] +patched = []