RUSTSEC-2021-0029

Tape::take_bytes exposes uninitialized memory to a user-provided Read

Issued
Package
truetype (crates.io)
Type
Vulnerability
Categories
  • memory-exposure
Aliases
Details
https://github.com/bodoni/truetype/issues/11
Patched
  • >=0.30.1

Description

Affected versions of this crate passed an unininitialized buffer to a user-provided Read instance in Tape::take_bytes.

This can result in safe Read implementations reading from the uninitialized buffer leading to undefined behavior.

The flaw was corrected in commit 1f2dc7f37dd by removing the unsafe block and zero-initializing the buffer.

More