RUSTSEC-2020-0050

VecCopy allows misaligned access to elements

Issued
Package
dync (crates.io)
Type
Unsound
Aliases
Details
https://github.com/elrnv/dync/issues/4
Patched
  • >=0.5.0

Description

VecCopy::data is created as a Vec of u8 but can be used to store and retrieve elements of different types leading to misaligned access.

The issue was resolved in v0.5.0 by replacing data being stored by Vec<u8> with a custom managed pointer. Elements are now stored and retrieved using types with proper alignment corresponding to original types.

More