RUSTSEC-2023-0032

Unsound FFI: Wrong API usage causes write past allocated area

Reported

March 22, 2023

Issued

April 6, 2023 (last modified: June 13, 2023)

Package

ntru (crates.io)

Type

INFO Unsound

Categories

memory-corruption

Keywords

#ffi #buffer-overflow

Aliases

GHSA-fq33-vmhv-48xh

References

https://github.com/FrinkGlobal/ntru-rs/issues/8

Patched

no patched versions

Affected Functions

Version

ntru::types::PrivateKey::export

>=0.4.3

ntru::types::PublicKey::export

>=0.4.3

Description

The following usage causes undefined behavior.

let kp: ntru::types::KeyPair = …;
kp.get_public().export(Default::default())

When compiled with debug assertions, the code above will trigger a attempt to subtract with overflow panic before UB occurs. Other mistakes (e.g. using EncParams from a different key) may always trigger UB.

Likely, older versions of this crate are also affected, but have not been tested.

Advisory available under CC0-1.0 license.