From 7425061bce95976f6bd1309189ec8d806db22673 Mon Sep 17 00:00:00 2001 From: Shihao Xia Date: Fri, 25 Apr 2025 14:35:42 -0400 Subject: [PATCH 1/3] init --- crates/fast-able/RUSTSEC-0000-0000.md | 36 +++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 crates/fast-able/RUSTSEC-0000-0000.md diff --git a/crates/fast-able/RUSTSEC-0000-0000.md b/crates/fast-able/RUSTSEC-0000-0000.md new file mode 100644 index 000000000..e401faf0e --- /dev/null +++ b/crates/fast-able/RUSTSEC-0000-0000.md @@ -0,0 +1,36 @@ +```toml +[advisory] +id = "RUSTSEC-0000-0000" +package = "fast-able" +date = "2025-04-25" +categories = ["memory-corruption"] +``` + +# Possible unsound public API + +At src/vec.rs: + +```rust +impl SyncVec +where + V: Clone, +{ + pub fn to_vec(&self) -> Vec { + let mut v = Vec::new(); + for i in self.iter() { + v.push(i.clone()); + } + v + } +} + +impl SyncVec { + ... + #[inline] + pub fn get_uncheck(&self, index: usize) -> &V { + unsafe { (&*self.dirty.get()).get_unchecked(index) } + } +``` + +The public accessible struct SyncVec has a public method get_unchecked. It accept a parameter index and used in the get_unchecked without sufficient checks as mentioned [here](https://doc.rust-lang.org/std/primitive.slice.html#method.get_unchecked). In Rust, safe function should not cause memory risks. + From 8d9e74b8fa8c7f549e8c671b9b6a6ca3fdc72594 Mon Sep 17 00:00:00 2001 From: Shihao Xia Date: Fri, 25 Apr 2025 15:17:06 -0400 Subject: [PATCH 2/3] add missing fields --- crates/fast-able/RUSTSEC-0000-0000.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crates/fast-able/RUSTSEC-0000-0000.md b/crates/fast-able/RUSTSEC-0000-0000.md index e401faf0e..33fca3dad 100644 --- a/crates/fast-able/RUSTSEC-0000-0000.md +++ b/crates/fast-able/RUSTSEC-0000-0000.md @@ -4,6 +4,10 @@ id = "RUSTSEC-0000-0000" package = "fast-able" date = "2025-04-25" categories = ["memory-corruption"] + +[versions] +patched = [] +unaffected = [] ``` # Possible unsound public API From 4fa5321e7a50cc1efaaa7d39ea3c257d550b3d23 Mon Sep 17 00:00:00 2001 From: Shihao Xia Date: Mon, 26 May 2025 23:14:20 -0400 Subject: [PATCH 3/3] add version --- crates/fast-able/RUSTSEC-0000-0000.md | 31 +++++---------------------- 1 file changed, 5 insertions(+), 26 deletions(-) diff --git a/crates/fast-able/RUSTSEC-0000-0000.md b/crates/fast-able/RUSTSEC-0000-0000.md index 33fca3dad..85a6b3b02 100644 --- a/crates/fast-able/RUSTSEC-0000-0000.md +++ b/crates/fast-able/RUSTSEC-0000-0000.md @@ -5,36 +5,15 @@ package = "fast-able" date = "2025-04-25" categories = ["memory-corruption"] +[affected.functions] +"fast_able::vec::SyncVec::get_unchecked" = ["< 1.13.7"] + [versions] -patched = [] +patched = [">= 1.13.7"] unaffected = [] ``` # Possible unsound public API -At src/vec.rs: - -```rust -impl SyncVec -where - V: Clone, -{ - pub fn to_vec(&self) -> Vec { - let mut v = Vec::new(); - for i in self.iter() { - v.push(i.clone()); - } - v - } -} - -impl SyncVec { - ... - #[inline] - pub fn get_uncheck(&self, index: usize) -> &V { - unsafe { (&*self.dirty.get()).get_unchecked(index) } - } -``` - -The public accessible struct SyncVec has a public method get_unchecked. It accept a parameter index and used in the get_unchecked without sufficient checks as mentioned [here](https://doc.rust-lang.org/std/primitive.slice.html#method.get_unchecked). In Rust, safe function should not cause memory risks. +The public accessible struct SyncVec has a public safe method get_unchecked. It accept a parameter index and used in the get_unchecked without sufficient checks as mentioned [here](https://doc.rust-lang.org/std/primitive.slice.html#method.get_unchecked).