Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

RUSTSEC-2024-0357: MemBio::get_buf has undefined behavior with empty buffers #19

Open
github-actions bot opened this issue Jul 31, 2024 · 0 comments
Open

RUSTSEC-2024-0357: MemBio::get_buf has undefined behavior with empty buffers #19

github-actions bot opened this issue Jul 31, 2024 · 0 comments

Comments

@github-actions
Copy link

Details
Package openssl
Version 0.10.44
URL sfackler/rust-openssl#2266
Patched Versions >=0.10.66

Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
0 participants