RUSTSEC-2020-0148

Multiple soundness issues in Ptr

Issued
Package
cgc (crates.io)
Type
Vulnerability
Categories
  • memory-corruption
Details
https://github.com/playXE/cgc/issues/5
Patched
no patched versions
Keywords
  • memory-safety
  • aliasing
  • concurrency

Description

Affected versions of this crate have the following issues:

  1. Ptr implements Send and Sync for all types, this can lead to data races by sending non-thread safe types across threads.

  2. Ptr::get violates mutable alias rules by returning multiple mutable references to the same object.

  3. Ptr::write uses non-atomic writes to the underlying pointer. This means that when used across threads it can lead to data races.

More