From 6c4f62795dfb3990dd2638a02a989ffc8c059ba6 Mon Sep 17 00:00:00 2001
From: Nathaniel Daniel <nathaniel.daniel12@gmail.com>
Date: Mon, 7 Oct 2024 17:03:21 -0700
Subject: [PATCH] Add unsound advisory for `mimalloc`

---
 crates/mimalloc/RUSTSEC-0000-0000.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 crates/mimalloc/RUSTSEC-0000-0000.md

diff --git a/crates/mimalloc/RUSTSEC-0000-0000.md b/crates/mimalloc/RUSTSEC-0000-0000.md
new file mode 100644
index 000000000..3544288b9
--- /dev/null
+++ b/crates/mimalloc/RUSTSEC-0000-0000.md
@@ -0,0 +1,17 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "mimalloc"
+date = "2022-11-23"
+url = "https://github.com/purpleprotocol/mimalloc_rust/issues/87"
+informational = "unsound"
+
+[versions]
+patched = [">= 0.1.39"]
+```
+
+# Mimalloc Can Allocate Memory with Bad Alignment
+This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons.
+Since then, the mimalloc allocator's logic changed, making it break this promise.
+This caused this crate to return memory with an incorrect alignment for some allocations, particularly those with large alignments.
+The flaw was fixed by always using the aligned allocation functions.
\ No newline at end of file