HistoryEditJSON (OSV)

RUSTSEC-2023-0045

memoffset allows reading uninitialized memory

Reported
Issued
Package
memoffset (crates.io)
Type
INFO Unsound
Categories
Keywords
#memoffset #offset
Aliases
References
Patched
  • >=0.6.2
Affected Functions
Version
memoffset::offset_of
  • <0.6.2

Description

memoffset allows attempt of reading data from address 0 with arbitrary type. This behavior is an undefined behavior because address 0 to std::mem::size_of<T> may not have valid bit-pattern with T. Old implementation dereferences uninitialized memory obtained from std::mem::align_of. Older implementation prior to it allows using uninitialized data obtained from std::mem::uninitialized with arbitrary type then compute offset by taking the address of field-projection. This may also result in an undefined behavior for "father" that includes (directly or transitively) type that does not allow to be uninitialized.

This flaw was corrected by using std::ptr::addr_of in https://github.com/Gilnaa/memoffset/pull/50.

Advisory available under CC0-1.0 license.