RUSTSEC-2020-0107

hashconsing's HConsed lacks Send/Sync bound for its Send/Sync trait.

Issued
Package
hashconsing (crates.io)
Type
Vulnerability
Categories
  • memory-corruption
  • thread-safety
Aliases
Details
https://github.com/AdrienChampion/hashconsing/issues/1
Patched
  • >=1.1.0
Keywords
  • concurrency

Description

Affected versions of hashconsing implements Send/Sync for its HConsed type without restricting it to Sendable types and Syncable types.

This allows non-Sync types such as Cell to be shared across threads leading to undefined behavior and memory corruption in concurrent programs.

More