RUSTSEC-2025-0105

Uninitialized memory exposure in create_ring_buffer

Reported

October 21, 2025

Issued

October 21, 2025

Package

direct_ring_buffer (crates.io)

Type

INFO Unsound

Categories

memory-exposure

Keywords

#uninitialized-memory #soundness

References

https://github.com/ain1084/direct_ring_buffer/issues/1
https://github.com/ain1084/direct_ring_buffer/pull/2

Patched

>=0.2.2

Affected Functions

Version

direct_ring_buffer::create_ring_buffer

<=0.2.1

Description

The safe function create_ring_buffer allocates a buffer using Vec::with_capacity followed by set_len, creating a Box<[T]> containing uninitialized memory.

This leads to undefined behavior when functions like write_slices create typed slices (e.g., &mut [bool]) over the uninitialized memory, violating Rust's validity invariants. The issue has been confirmed using Miri.

Fixed in version 0.2.2 by using resize_with to properly initialize the buffer with T::default(), adding a T: Default bound to ensure sound initialization.

Advisory available under CC0-1.0 license.