From 8152fbc6e8edb62c1c2c2a4aeca2b367456d5023 Mon Sep 17 00:00:00 2001
From: shinmao
Date: Sat, 18 Jan 2025 17:04:50 -0500
Subject: [PATCH 1/4] add unsoundness of indradb-lib
---
 crates/indradb-lib/RUSTSEC-0000-0000.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 crates/indradb-lib/RUSTSEC-0000-0000.md
diff --git a/crates/indradb-lib/RUSTSEC-0000-0000.md b/crates/indradb-lib/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000000..30f8b7283f
--- /dev/null
+++ b/crates/indradb-lib/RUSTSEC-0000-0000.md
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "indradb-lib"
+date = "2025-01-18"
+url = "https://github.com/indradb/indradb/issues/317"
+categories = ["memory-corruption"]
+keywords = ["out-of-bounds"]
+
+[versions]
+patched = [">= 4.0.0"]
+unaffected = ["< 3.0.0"]
+
+[affected]
+functions = {"indradb-lib::util::read_identifier" = [">= 3.0.0, < 4.0.0"]}
+```
+
+# Unsound `read_identifier`
+The function incorrectly assumes that any `T` could be legal `u8`, then could be used to create legal string with utf8-encoding, causing to out-of-bounds.
+
+The function is patched by making it `unsafe`, asking user to guarantee the correctness and safety of input before calling the API (commit `4773393`).
\ No newline at end of file
From d5ef09e46a2a14aa8b1baa0340f02a433301bedc Mon Sep 17 00:00:00 2001
From: shinmao
Date: Sat, 18 Jan 2025 17:11:56 -0500
Subject: [PATCH 2/4] affected functions in indradb-lib
---
 crates/indradb-lib/RUSTSEC-0000-0000.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/crates/indradb-lib/RUSTSEC-0000-0000.md b/crates/indradb-lib/RUSTSEC-0000-0000.md
index 30f8b7283f..eac1ebb594 100644
--- a/crates/indradb-lib/RUSTSEC-0000-0000.md
+++ b/crates/indradb-lib/RUSTSEC-0000-0000.md
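Review bot: The `[advisory]` table added in PATCH 1/4 has no `informational = "unsound"` key, although the title calls the issue unsound and the description says the fix was to mark `read_identifier` as `unsafe` rather than to change what it does. Without that key, consumers of the database will presumably report this as a full vulnerability rather than a soundness warning, so either add the key or explain in the description why the stronger classification applies. The phrase "causing to out-of-bounds" also does not say whether the access is a read or a write; `categories = ["memory-corruption"]` suggests a write, while an out-of-bounds read would usually be filed under `memory-exposure`, so the text should state which one the linked issue demonstrates. The new file also ends without a trailing newline.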
@@ -11,8 +11,10 @@ keywords = ["out-of-bounds"]
 patched = [">= 4.0.0"]
 unaffected = ["< 3.0.0"]
 
-[affected]
-functions = {"indradb-lib::util::read_identifier" = [">= 3.0.0, < 4.0.0"]}
+[affected.functions]
+"indradb-lib::util::read_identifier" = [
+ "">= 3.0.0, < 4.0.0"",
+]
 ```
 
 # Unsound `read_identifier`
From 4fc535a57e9e1dfa25330f2c30d05849b519e932 Mon Sep 17 00:00:00 2001
From: shinmao
Date: Sat, 18 Jan 2025 17:13:30 -0500
Subject: [PATCH 3/4] affected functions in indradb-lib
---
 crates/indradb-lib/RUSTSEC-0000-0000.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crates/indradb-lib/RUSTSEC-0000-0000.md b/crates/indradb-lib/RUSTSEC-0000-0000.md
index eac1ebb594..9ea5cf6e6d 100644
--- a/crates/indradb-lib/RUSTSEC-0000-0000.md
+++ b/crates/indradb-lib/RUSTSEC-0000-0000.md
@@ -13,7 +13,7 @@ unaffected = ["< 3.0.0"]
 
 [affected.functions]
 "indradb-lib::util::read_identifier" = [
- "">= 3.0.0, < 4.0.0"",
+ ">= 3.0.0, < 4.0.0",
 ]
 ```
 
From dc783be44df78a5b3d6f2bbde4b8077a9de0cc71 Mon Sep 17 00:00:00 2001
From: shinmao
Date: Sat, 18 Jan 2025 17:17:51 -0500
Subject: [PATCH 4/4] affected functions in indradb-lib
---
 crates/indradb-lib/RUSTSEC-0000-0000.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crates/indradb-lib/RUSTSEC-0000-0000.md b/crates/indradb-lib/RUSTSEC-0000-0000.md
index 9ea5cf6e6d..e8d88ef588 100644
--- a/crates/indradb-lib/RUSTSEC-0000-0000.md
+++ b/crates/indradb-lib/RUSTSEC-0000-0000.md
@@ -12,7 +12,7 @@ patched = [">= 4.0.0"]
 unaffected = ["< 3.0.0"]
 
 [affected.functions]
-"indradb-lib::util::read_identifier" = [
+"indradb_lib::util::read_identifier" = [
 ">= 3.0.0, < 4.0.0",
 ]
 ```