- Reported
-
- Issued
-
- Package
-
totally-safe-transmute
(crates.io)
- Type
-
INFO
Unsound
- Categories
-
- Keywords
-
#soundness-hole
- References
-
- Patched
-
no patched versions
Description
This crate uses a known soundness issue (https://github.com/rust-lang/rust/issues/32670) that will never get fixed. In short, Linux provides a file called /proc/self/mem
which can be used by a program to modify its own memory. This library modifies an enum variant number by accessing its own memory as a file to effectively transmute a variable.
See also https://doc.rust-lang.org/std/os/unix/io/index.html#procselfmem-and-similar-os-features
Advisory available under CC0-1.0
license.