Critical Rust memory safety bug: returning pointer to stack-allocated PMTEntry #1986

@THE-Amrit-mahto-05

Description

While reviewing the Rust FFI layer, I found a use-after-scope (dangling pointer) bug in ctorust.rs.

An implementation of FromCType<*mut PMT_entry> returns a raw pointer derived from a stack-allocated Rust value, which becomes invalid immediately after the function returns.

This is undefined behavior in Rust, independent of C-side invariants, test coverage, or calling order.

Affected File: src/rust/src/ctorust.rs

Problematic Code

// pmt_entry is a local: it lives in this function's stack frame
let mut pmt_entry = PMTEntry {
    program_number,
    elementary_pid,
    stream_type,
    printable_stream_type,
};

// The raw pointer escapes the frame; the compiler does not object because
// raw pointers are not borrow-checked, but the frame is gone on return
Some(&mut pmt_entry as *mut PMTEntry)

Here:

  • pmt_entry is allocated on the stack
  • A pointer to it is returned
  • The function returns
  • The stack frame is destroyed
  • The returned pointer now points to invalid memory

Proposed Fix

let pmt_entry = PMTEntry { ... };
// Move the value to the heap and hand ownership to the caller; the caller
// must later return it to Rust with Box::from_raw so it can be freed
Some(Box::into_raw(Box::new(pmt_entry)))
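Added example, written here for illustration; it is not code from the project or from the issue author. It puts the reported shape and the proposed fix side by side in a stand-alone crate. The field types are assumed (the issue names only the fields), and the function names from_ctype_dangling, from_ctype_fixed, pmt_entry_free and read_program_number are illustrative. Two points the snippets above do not show: rustc accepts the dangling version because raw pointers escape the borrow checker (the same function returning &mut PMTEntry would fail to compile), and Box::into_raw on its own turns the use-after-scope into a leak unless a matching release function exists for the C side to call. Running the round trip under Miri (cargo +nightly miri test) is the practical way to confirm that a read through the dangling pointer is flagged and the boxed one is not.

```rust
// Added example, not the project's code. Field types are assumed.
#[derive(Debug, Clone, PartialEq)]
pub struct PMTEntry {
    pub program_number: u16,
    pub elementary_pid: u16,
    pub stream_type: u8,
    pub printable_stream_type: u8,
}

/// The shape reported in the issue. This compiles: raw pointers are not
/// borrow-checked, so nothing stops a pointer to a local from escaping.
/// The result points into a dead stack frame and must never be read.
pub fn from_ctype_dangling(
    program_number: u16,
    elementary_pid: u16,
    stream_type: u8,
    printable_stream_type: u8,
) -> Option<*mut PMTEntry> {
    let mut pmt_entry = PMTEntry { program_number, elementary_pid, stream_type, printable_stream_type };
    Some(&mut pmt_entry as *mut PMTEntry)
}

/// The proposed fix: the value lives on the heap and ownership of the
/// allocation is transferred to the caller. It stays valid until the
/// pointer is passed back to `pmt_entry_free`.
pub fn from_ctype_fixed(
    program_number: u16,
    elementary_pid: u16,
    stream_type: u8,
    printable_stream_type: u8,
) -> Option<*mut PMTEntry> {
    let pmt_entry = PMTEntry { program_number, elementary_pid, stream_type, printable_stream_type };
    Some(Box::into_raw(Box::new(pmt_entry)))
}

/// Release half of the fix (illustrative name). Without an exported
/// function like this, every conversion on the FFI boundary leaks.
///
/// # Safety
/// `ptr` must be null or a pointer obtained from `from_ctype_fixed`,
/// and it must not be passed here more than once.
pub unsafe extern "C" fn pmt_entry_free(ptr: *mut PMTEntry) {
    if !ptr.is_null() {
        // Reconstitute the Box so Rust's allocator frees the memory.
        drop(Box::from_raw(ptr));
    }
}

/// Stand-in for the C consumer reading one field through the pointer.
pub fn read_program_number(ptr: *mut PMTEntry) -> Option<u16> {
    if ptr.is_null() {
        return None;
    }
    // Sound only for pointers from `from_ctype_fixed` that are not yet freed.
    Some(unsafe { (*ptr).program_number })
}

/// Full lifecycle of the fixed path: allocate, read back, release.
pub fn round_trip() -> Option<(u16, u16, u8, u8)> {
    let ptr = from_ctype_fixed(1, 0x100, 0x1b, b'H')?;
    let copy = unsafe { (*ptr).clone() };
    unsafe { pmt_entry_free(ptr) };
    Some((copy.program_number, copy.elementary_pid, copy.stream_type, copy.printable_stream_type))
}

fn main() {
    // The dangling pointer is produced but deliberately never dereferenced.
    let dangling = from_ctype_dangling(1, 2, 3, 4).unwrap();
    println!("dangling pointer compiled fine: {:?}", dangling);
    println!("fixed path round trip: {:?}", round_trip());
}
```

The release function is the part most easily forgotten when switching to Box::into_raw: the C side now owns a Rust allocation and has to give it back to Rust for freeing, since calling C's free() on it is undefined behavior just as the original dangling read is.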
