Reported

February 26, 2021

Issued

April 2, 2021 (last modified: April 13, 2021)

Package

id-map (crates.io)

Type

Vulnerability

Categories

• memory-corruption

Keywords

#memory-safety #double-free

Aliases

• CVE-2021-30455
• CVE-2021-30456
• CVE-2021-30457

Details

https://github.com/andrewhickman/id-map/issues/3

Patched

no patched versions

Description

The following functions in the crate are affected:

IdMap::clone_from

The clone_from implementation for IdMap drops the values present in the map and then begins cloning values from the other map. If a .clone() call pancics, then the afformentioned dropped elements can be freed again.

get_or_insert

get_or_insert reserves space for a value, before calling the user provided insertion function f. If the function f panics then uninitialized or previously freed memory can be dropped.

remove_set

When removing a set of elements, ptr::drop_in_place is called on each of the element to be removed. If the Drop impl of one of these elements panics then the previously dropped elements can be dropped again.