RUSTSEC-2020-0097

Soundness issue with base::Error

Issued
Package
xcb (crates.io)
Type
Unsound
Categories
  • memory-corruption
  • thread-safety
Aliases
Details
https://github.com/rtbo/rust-xcb/issues/93
Patched
no patched versions

Description

base::Error type contains public field named ptr. With this definition, it is possible to create a base::Error with an invalid pointer and trigger memory safety errors such as use-after-free or double-free with safe Rust.

The users of xcb crate are advised not to manipulate the field.

More