
RUSTSEC-2025-0032

Safe API can cause heap-buffer-overflow

Reported
Issued
Package
redox_uefi_std (crates.io)
Type
INFO Unsound
Categories
Keywords
#out-of-bounds-read
References
Patched
  • >=0.1.14
Unaffected
  • <0.1.8
Affected Functions (Version)
  • redox_uefi_std::ffi::nstr: >=0.1.8, <0.1.14

Description

ffi::nstr() should be marked unsafe, since passing it a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow.
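The soundness issue described above, as an added Rust example that is not code from redox_uefi_std: two sound shapes for a "read until the 0 value" string helper. The names nstr_unchecked and nstr_bounded are hypothetical, and the u16 element type is an assumption.

```rust
// Added illustration; not the crate's source. Assumes the string is a
// run of u16 code units ended by a 0 value.

/// Option 1: keep the raw-pointer signature, but mark the function `unsafe`
/// so the termination requirement is a contract the caller must uphold.
/// The same body behind a safe `fn` is the unsound shape: any safe caller
/// could pass an unterminated buffer and trigger an out-of-bounds read.
///
/// # Safety
/// `ptr` must be non-null, aligned, and point to readable u16 values
/// up to and including a terminating 0.
pub unsafe fn nstr_unchecked(ptr: *const u16) -> String {
    let mut len = 0usize;
    // The scan stops only at a 0 value; nothing here knows the buffer size.
    while unsafe { *ptr.add(len) } != 0 {
        len += 1;
    }
    let units = unsafe { std::slice::from_raw_parts(ptr, len) };
    String::from_utf16_lossy(units)
}

/// Option 2: a safe API takes a slice, so the scan is bounded by the
/// slice length and a missing terminator becomes `None`, not a wild read.
pub fn nstr_bounded(buf: &[u16]) -> Option<String> {
    let end = buf.iter().position(|&unit| unit == 0)?;
    Some(String::from_utf16_lossy(&buf[..end]))
}

fn main() {
    // Constructed sample buffers.
    let terminated: Vec<u16> = "EFI\0".encode_utf16().collect();
    let unterminated: Vec<u16> = "EFI".encode_utf16().collect();

    assert_eq!(nstr_bounded(&terminated).as_deref(), Some("EFI"));
    assert_eq!(nstr_bounded(&unterminated), None);

    // SAFETY: `terminated` ends with a 0 value.
    assert_eq!(unsafe { nstr_unchecked(terminated.as_ptr()) }, "EFI");
}
```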

Advisory available under CC0-1.0 license.