New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scope API is unsound
#9
Comments
|
thanks for the advise. I just remove the unsafe |
|
I think this can be closed. It's all in 0.6.12 |
|
Accessing a dangling pointer is usually an exploitable vulnerability. Please file a security advisory at https://github.com/RustSec/advisory-db so that users of this crate can check if they're running a vulnerable version and upgrade. Also, please consider yanking affected versions. |
|
Thanks for the info. I will do it in next release. |
Scope::newtakes 2*mut Option<_>parameters, but the rest of theScopeAPI assumes that those raw pointers are valid. For example, the publicget_yieldmethod does the following:Calling
Scope::newwith invalid (null, misaligned or dangling) pointers is possible in safe Rust, andget_yieldcan also be called from safe Rust, therefore this API is unsound.Either
Scope::newshould be markedunsafe, or it should take&'a mut Option<_>instead of raw pointers, adding a lifetime parameter toScope.The text was updated successfully, but these errors were encountered: