- Reported
-
- Issued
-
- Package
-
memoffset
(crates.io)
- Type
-
INFO
Unsound
- Categories
-
- Keywords
-
#memoffset
#offset
- Aliases
-
- References
-
- Patched
-
- Affected Functions
- Version
memoffset::offset_of
-
Description
memoffset allows attempt of reading data from address 0
with arbitrary type. This behavior is an undefined behavior because address 0
to std::mem::size_of<T>
may not have valid bit-pattern with T
. Old implementation dereferences uninitialized memory obtained from std::mem::align_of
. Older implementation prior to it allows using uninitialized data obtained from std::mem::uninitialized
with arbitrary type then compute offset by taking the address of field-projection. This may also result in an undefined behavior for "father" that includes (directly or transitively) type that does not allow to be uninitialized.
This flaw was corrected by using std::ptr::addr_of
in https://github.com/Gilnaa/memoffset/pull/50.
Advisory available under CC0-1.0
license.