HistoryEdit

RUSTSEC-2022-0046

Out-of-bounds read when opening multiple column families with TTL

Issued
Package
rocksdb (crates.io)
Type
Vulnerability
Categories
Keywords
#out-of-bounds-read
Details
https://github.com/rust-rocksdb/rust-rocksdb/pull/616
Patched
  • >=0.19.0
Affected Functions
Version
rocksdb::DBWithThreadMode::open_cf_descriptors_with_ttl
  • <0.19.0

Description

Affected versions of this crate called the RocksDB C API rocksdb_open_column_families_with_ttl() with a pointer to a single integer TTL value, but one TTL value for each column family is expected.

This is only relevant when using rocksdb::DBWithThreadMode::open_cf_descriptors_with_ttl() with multiple column families.

This bug has been fixed in v0.19.0.