- Reported
-
- Issued
-
- Package
-
tanton_engine
(crates.io)
- Type
-
Vulnerability
- Categories
-
- Patched
-
no patched versions
- Affected Functions
- Version
tanton_engine::RootMoveList::insert_score
-
tanton_engine::RootMoveList::insert_score_depth
-
tanton_engine::Stack::offset
-
tanton_engine::ThreadStack::get
-
Description
The following functions in the tanton_engine
crate are unsound due to lack of sufficient boundary
checks in public API:
Stack::offset()
ThreadStack::get()
RootMoveList::insert_score_depth()
RootMoveList::insert_score()
The tanton_engine crate is no longer maintained, so there are no plans to fix this issue.
Advisory available under CC0-1.0
license.