
RUSTSEC-2022-0049

Use after free in MacOS / iOS implementation

Reported
Issued
Package
iana-time-zone (crates.io)
Type
INFO Unsound
Categories
Aliases
References
Patched
  • >=0.1.45
Unaffected
  • <0.1.43
Affected OSes
  • ios
  • macos
Affected Functions (by version)
  • iana_time_zone::get_timezone: >0.1.42, <0.1.45

Description

In iana-time-zone v0.1.43 a use-after-free bug in the MacOS / iOS implementation was introduced.

The copied system time zone was released before its name was copied. If the system time zone was changed between the call of CFRelease and str::to_owned(), random memory would be copied.
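The ordering problem described above, as an added example that is not the crate's own code. A mock object stands in for the CoreFoundation time zone (`MockTimeZone`, `mock_copy_system`, `mock_release`, `SystemTimeZone` and the name "Europe/Berlin" are constructed for illustration), and the owning wrapper ties the borrowed name to the object's lifetime so that copying after the release does not compile.

```rust
use std::sync::atomic::{AtomicUsize, Ordering};

// Constructed stand-in for a CoreFoundation time zone object; not the real API.
struct MockTimeZone { name: String }

// Mock objects currently alive, so the release can be observed.
static LIVE: AtomicUsize = AtomicUsize::new(0);

// Plays the role of the "copy system time zone" call: the caller owns the result.
fn mock_copy_system() -> *mut MockTimeZone {
    LIVE.fetch_add(1, Ordering::SeqCst);
    Box::into_raw(Box::new(MockTimeZone { name: "Europe/Berlin".to_string() }))
}

// Plays the role of CFRelease: the object must not be touched afterwards.
unsafe fn mock_release(tz: *mut MockTimeZone) {
    unsafe { drop(Box::from_raw(tz)) };
    LIVE.fetch_sub(1, Ordering::SeqCst);
}

// Owning wrapper (hypothetical): releases the object exactly once, on drop.
struct SystemTimeZone(*mut MockTimeZone);

impl SystemTimeZone {
    fn copy_system() -> Self { SystemTimeZone(mock_copy_system()) }

    // The returned &str borrows from `self`, so it cannot outlive the release.
    fn name(&self) -> &str {
        let tz: &MockTimeZone = unsafe { &*self.0 };
        tz.name.as_str()
    }
}

impl Drop for SystemTimeZone {
    fn drop(&mut self) { unsafe { mock_release(self.0) } }
}

// The release-then-copy order from the advisory is rejected by the compiler:
//   let name: &str = { let tz = SystemTimeZone::copy_system(); tz.name() };
//   error[E0597]: `tz` does not live long enough
fn get_timezone() -> String {
    let tz = SystemTimeZone::copy_system();
    tz.name().to_owned() // copied while `tz` is alive; released at end of scope
}

fn live_objects() -> usize { LIVE.load(Ordering::SeqCst) }

fn main() {
    println!("{} (live objects after call: {})", get_timezone(), live_objects());
}
```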

Advisory available under CC0-1.0 license.