RUSTSEC-2021-0046

misc::vec_with_size() can drop uninitialized memory if clone panics

Issued
Package
telemetry (crates.io)
Type
Vulnerability
Categories
  • memory-corruption
Aliases
Details
https://github.com/Yoric/telemetry.rs/issues/45
Patched
no patched versions
Keywords
  • memory-safety

Description

misc::vec_with_size creates a vector of the provided size and immediately calls vec.set_len(size) on it, initially filling it with uninitialized memory. It then inserts elements using vec[i] = value.clone().

If the value.clone() call panics, uninitialized items in the vector will be dropped leading to undefined behavior.

More