RUSTSEC-2021-0007: av-data: `Frame::copy_from_raw_parts` can lead to segfault without `unsafe`


fn Frame::copy_from_raw_parts() is a safe API that can take a raw pointer and dereference it. It is possible to read arbitrary memory address with an arbitrarily fed pointer. This allows the safe API to access & read arbitrary address in memory. Feeding an invalid memory address pointer to the API may also cause the program to segfault.

The flaw was corrected in, by removing the API fn Frame::copy_from_raw_parts().

More Info

Patched Versions