RUSTSEC-2021-0115
#[zeroize(drop)]
doesn't implement Drop
for enum
s
- Reported
- Issued
- Package
- zeroize_derive (crates.io)
- Type
- Vulnerability
- Aliases
- References
- Patched
-
>=1.1.1
Description
Affected versions of this crate did not implement Drop
when #[zeroize(drop)]
was used on an enum
.
This can result in memory not being zeroed out after dropping it, which is exactly what is intended when adding this attribute.
The flaw was corrected in version 1.2 and #[zeroize(drop)]
on enum
s now properly implements Drop
.
Advisory available under CC0-1.0 license.