RUSTSEC-2021-0145
Potential unaligned read
- Reported
-
- Issued
-
- Package
-
atty
(crates.io)
- Type
-
INFO
Unsound
- Keywords
-
#unaligned-read
- Aliases
-
- References
-
- Patched
-
no patched versions
- Affected OSes
-
Description
On windows, atty
dereferences a potentially unaligned pointer.
In practice however, the pointer won't be unaligned unless a custom global allocator is used.
In particular, the System
allocator on windows uses HeapAlloc
, which guarantees a large enough alignment.
atty is Unmaintained
A Pull Request with a fix has been provided over a year ago but the maintainer seems to be unreachable.
Last release of atty
was almost 3 years ago.
Possible Alternative(s)
The below list has not been vetted in any way and may or may not contain alternatives;
Advisory available under CC0-1.0
license.