RUSTSEC-2021-0007: av-data: `Frame::copy_from_raw_parts` can lead to segfault without `unsafe`

Description

fn Frame::copy_from_raw_parts() is a safe API that can take a raw pointer and dereference it. It is possible to read arbitrary memory address with an arbitrarily fed pointer. This allows the safe API to access & read arbitrary address in memory. Feeding an invalid memory address pointer to the API may also cause the program to segfault.

The flaw was corrected in https://github.com/rust-av/rust-av/pull/137, by removing the API fn Frame::copy_from_raw_parts().

More Info

https://github.com/rust-av/rust-av/issues/136

Patched Versions