Description
arr
crate contains multiple security issues. Specifically,
- It incorrectly implements Sync/Send bounds, which allows to smuggle non-Sync/Send types across the thread boundary.
Index
and IndexMut
implementation does not check the array bound.
Array::new_from_template()
drops uninitialized memory.
More Info
https://github.com/sjep/array/issues/1
Patched Versions