RUSTSEC-2020-0091

Dangling reference in access::Map with Constant

Issued
Package
arc-swap (crates.io)
Type
Vulnerability
Categories
  • memory-corruption
Aliases
Details
https://github.com/vorner/arc-swap/issues/45
Patched
  • >=0.4.8, <1.0.0-0
  • >=1.1.0
Unaffected
  • <0.4.2
Keywords
  • dangling reference
Affected Functions
Version
arc_swap::access::MapGuard::deref
  • <1.1.0

Description

Using the arc_swap::access::Map with the Constant test helper (or with user-provided implementation of the Access trait) could sometimes lead to the map returning dangling references.

Replaced by implementation without unsafe, at the cost of added Clone bound on the closure and small penalty on performance.

More