RUSTSEC-2024-0407

Fails to ensure slice elements match the slice's declared type

Reported
Issued
Package
linkme (crates.io)
Type
INFO Unsound
References
Patched
  • >=0.3.24

Description

Affected versions allow populating a DistributedSlice of T with elements of an arbitrary other type that coerces to T. For example, elements of type &&str could end up in a slice of type [&str], since &&str coerces to &str via a deref coercion.

The flaw was corrected by implementing typechecking for distributed slice elements in such a way that coercion no longer occurs. The element's type must be a subtype of the slice's declared element type.
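The difference between a coercing check and an exact one, shown as an added example that is not linkme's code and does not use its macros. `Slice`, `check_coercing`, `check_exact`, `declared_type` and the three statics are hypothetical names that model the description above.

```rust
use std::any::type_name;
use std::marker::PhantomData;
use std::mem::{size_of, size_of_val};

// Hypothetical stand-in for a distributed slice handle (not linkme's type).
struct Slice<T>(PhantomData<T>);

impl<T> Slice<T> {
    // A by-value parameter is a coercion site, so any type that coerces
    // to T passes. Returns the element type the slice believes it holds.
    fn check_coercing(&self, _element: T) -> &'static str {
        type_name::<T>()
    }

    // The element type arrives already fixed inside PhantomData, and
    // PhantomData<A> never coerces to PhantomData<B>. PhantomData is
    // covariant, so a subtype of T is still accepted.
    fn check_exact(&self, _element_ty: PhantomData<T>) -> &'static str {
        type_name::<T>()
    }
}

// Captures a value's declared type with no target type to coerce towards.
fn declared_type<E>(_: &E) -> PhantomData<E> {
    PhantomData
}

static NAMES: Slice<&'static str> = Slice(PhantomData);
static GOOD: &str = "hello"; // constructed sample element
static BAD: &&str = &"hello"; // constructed element of the wrong type

// Returns (type the slice reads, bytes it reads, bytes actually stored).
fn mismatch_accepted_by_coercion() -> (&'static str, usize, usize) {
    let seen = NAMES.check_coercing(BAD); // compiles: &&str deref-coerces
    (seen, size_of::<&str>(), size_of_val(&BAD))
}

fn exact_check_accepts_matching_type() -> &'static str {
    let ty = declared_type(&GOOD);
    // let ty = declared_type(&BAD); // check_exact would fail: error[E0308]
    NAMES.check_exact(ty)
}

fn main() {
    println!("{:?}", mismatch_accepted_by_coercion());
    println!("{}", exact_check_accepts_matching_type());
}
```

The coercing check passes even though the stored element is a thin pointer and the slice reads a fat pointer (pointer plus length) at that location, which is why the mismatch is a soundness problem and not only a typing oddity.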

Advisory available under CC0-1.0 license.