File tree Expand file tree Collapse file tree 1 file changed +22
-0
lines changed Expand file tree Collapse file tree 1 file changed +22
-0
lines changed Original file line number Diff line number Diff line change 1+ ``` toml
2+ [advisory ]
3+ id = " RUSTSEC-0000-0000"
4+ package = " stackvector"
5+ date = " 2021-02-19"
6+ url = " https://github.com/Alexhuszagh/rust-stackvector/issues/2"
7+ categories = [" memory-corruption"
8+
9+ [versions ]
10+ patched = []
11+ ```
12+
13+ # StackVec::extend can write out of bounds when size_hint is incorrect
14+
15+ ` StackVec::extend ` used the lower and upper bounds from an Iterator's
16+ ` size_hint ` to determine how many items to push into the stack based vector.
17+
18+ If the ` size_hint ` implementation returned a lower bound that was larger than
19+ the upper bound, ` StackVec ` would write out of bounds and overwrite memory
20+ on the stack. As mentioned by the [ size_hint] ( https://doc.rust-lang.org/std/iter/trait.Iterator.html#provided-methods )
21+ documentation, ` size_hint ` is mainly for optimization and incorrect
22+ implementations should not lead to memory safety issues.
You can’t perform that action at this time.
0 commit comments