RUSTSEC-2021-0032

Deserializing an array can drop uninitialized memory on panic

Issued
Package
byte_struct (crates.io)
Type
Vulnerability
Categories
  • memory-corruption
Aliases
Details
https://github.com/wwylele/byte-struct-rs/issues/1
Patched
  • >=0.6.1
Keywords
  • memory-safety

Description

The read_bytes_default_le function for [T; n] arrays, used to deserialize arrays of T from bytes created a [T; n] array with std::mem::uninitialized and then called T's deserialization method.

If T's deserialization method panicked, the uninitialized memory could drop invalid objects.

This flaw was corrected in a535678 by removing the unsafe block and using a .map function to deserialize each element of the array instead.

More