

RUSTSEC-2026-0123

Out-of-bounds read in bytes_helper public safe functions

Reported:
Issued:
Package: rustdx (crates.io)
Type: INFO Unsound
Categories:
Keywords: #out-of-bounds #buffer-overflow
References:
Patched: >=0.4.4

Description

The bytes_helper module contains multiple public functions (into_arr4(), into_arr2(), u8_from_le_bytes()) that use slice.get_unchecked(pos..pos + N) without verifying that pos + N <= slice.len(). These are public safe API functions, allowing any caller to trigger undefined behavior by passing invalid positions.

For example, calling into_arr4(&data, 10) where data is a 3-byte slice causes an out-of-bounds access since position 10 exceeds the slice length.
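
The unsound shape described above next to a bounds-checked form, as an added example that is not rustdx's source or its actual patch. The signatures, the Option return type and the read_array helper are assumptions; the checked helper generalizes into_arr4() and into_arr2() to any length N.

```rust
// Added example: names and signatures are assumptions, not rustdx source.

/// The unsound shape the advisory describes: safe signature, unchecked body.
/// Undefined behaviour whenever pos + 4 > slice.len(). Shown for contrast only.
#[allow(dead_code)]
pub fn into_arr4_unsound(slice: &[u8], pos: usize) -> [u8; 4] {
    let mut out = [0u8; 4];
    out.copy_from_slice(unsafe { slice.get_unchecked(pos..pos + 4) });
    out
}

/// Checked replacement, generic over the array length N.
/// Returns None instead of reading past the end of `slice`.
pub fn read_array<const N: usize>(slice: &[u8], pos: usize) -> Option<[u8; N]> {
    // checked_add: a huge `pos` must not wrap around to a small, valid-looking end.
    let end = pos.checked_add(N)?;
    // slice.get performs the `end <= slice.len()` test that get_unchecked skips.
    let bytes = slice.get(pos..end)?;
    let mut out = [0u8; N];
    out.copy_from_slice(bytes);
    Some(out)
}

pub fn into_arr4(slice: &[u8], pos: usize) -> Option<[u8; 4]> {
    read_array::<4>(slice, pos)
}

pub fn into_arr2(slice: &[u8], pos: usize) -> Option<[u8; 2]> {
    read_array::<2>(slice, pos)
}

fn main() {
    // Constructed 3-byte input matching the advisory's example call.
    let data = [0xAAu8, 0xBB, 0xCC];
    println!("into_arr4(&data, 10) = {:?}", into_arr4(&data, 10));
    println!("into_arr2(&data, 1)  = {:?}", into_arr2(&data, 1));
}
```

Callers that cannot change the return type can keep the array-returning signature and index with slice[pos..pos + N], which panics on an invalid position instead of invoking undefined behavior.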

Advisory available under CC0-1.0 license.