- Reported
-
- Issued
-
- Package
-
cxx
(crates.io)
- Type
-
INFO
Unsound
- Categories
-
- Keywords
-
#exception
#unwind
- References
-
- Patched
-
- Affected Functions
- Version
cxx::let_cxx_string
-
Description
In affected versions of this crate, let_cxx_string! is not exception safe. After creating the StackString, if match $value panics, the content of StackString is not yet initialized, while the drop implementation of StackString unconditionally deinitializes the content, leading to use of uninitialized value.
The soundness issue was fixed in version 1.0.195 by moving drop logics to separate drop guard after initializing the StackString.
Advisory available under CC0-1.0
license.