RUSTSEC-2020-0027

traitobject assumes the layout of fat pointers

Reported
Issued
Package: traitobject (crates.io)
Type: INFO Unsound
Categories
Aliases
Details: https://github.com/reem/rust-traitobject/issues/7
CVSS Score: 9.8 CRITICAL
CVSS Details:
  Attack vector: Network
  Attack complexity: Low
  Privileges required: None
  User interaction: None
  Scope: Unchanged
  Confidentiality: High
  Integrity: High
  Availability: High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Patched: no patched versions
Affected Functions
Version
traitobject::data
traitobject::data_mut

Description

This crate gets the data pointer from fat pointers assuming that the first element in a fat pointer is the data pointer. This is currently true, but it may change in a future Rust version, leading to memory corruption.

This has been fixed in the master branch of the crate, but it has not been released to crates.io.
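
The layout assumption described above, next to a layout-independent way to get the same address. This is an added example, not the crate's own code or its fix; the function names are hypothetical and the sample values are constructed.

```rust
use std::fmt::Debug;

/// Layout-assuming extraction (the pattern the advisory describes):
/// reinterpret the fat pointer and read its first pointer-sized word.
/// Unsound: Rust does not guarantee the field order of a fat pointer.
pub unsafe fn data_assuming_layout<T: ?Sized>(val: *const T) -> *const () {
    unsafe { *(&val as *const *const T as *const *const ()) }
}

/// Layout-independent extraction: a fat-to-thin pointer cast is defined
/// by the language to keep the data address and drop the metadata.
pub fn data_by_cast<T: ?Sized>(val: *const T) -> *const () {
    val as *const ()
}

/// True when the first word of a `*const dyn Debug` equals the data
/// address on the compiler that built this program. Usable as a
/// regression check in a code base that still relies on the assumption.
pub fn first_word_is_data_pointer() -> bool {
    let value: u32 = 0xC0FFEE; // constructed sample value
    let object: &dyn Debug = &value;
    let expected = &value as *const u32 as *const ();
    let assumed = unsafe { data_assuming_layout(object as *const dyn Debug) };
    assumed == expected
}

fn main() {
    // Trait object: vtable metadata is discarded by the cast.
    let value: u32 = 7; // constructed sample value
    let object: &dyn Debug = &value;
    let thin = data_by_cast(object as *const dyn Debug);
    assert_eq!(thin, &value as *const u32 as *const ());

    // Slice: length metadata is discarded by the same cast.
    let bytes: &[u8] = &[1, 2, 3];
    assert_eq!(data_by_cast(bytes as *const [u8]), bytes.as_ptr() as *const ());

    println!("first word is data pointer: {}", first_word_is_data_pointer());
}
```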