-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unsound usages of VecFromRawParts
#47
Comments
Thanks for the heads up! I apologize, but I can't actually tell what you are saying. It might be different words meaning different things to different folks, so let me ask!
Also, no idea what "autograd" is. Is it relevant, or a copy/paste-o? That being said, 100% there's all sorts of undefined behavior here, not least because I can't find the definition of what behavior is defined for Rust in |
Hi, thanks for your kind and detailed response! I am just up to work due to the jet lag. Sorry for the "autograd" mis-typed. I reported several repos and this is a mistake. Since |
No worries! In this context, Without wanting to pretend that there aren't problems, the contexts in which All that being said, it wouldn't be the first time that "upholding rules about how one thinks Rust probably works" has not been the same as "writing Rust without UB". The crate is unfortunately full of this, and marks all of its methods |
Hi, I am scanning the abomination in the latest version with my own static analyzer tool.
Unsafe conversion found at: src/lib.rs#L496
This unsound implementation of
Vec::from_raw_parts
would create a dangling pointer issues if themine
is dropped automatically before therest
is used. The 'mem::forget' function can be used to avoid the issue.This would potentially cause undefined behaviors in Rust. If we further manipulate the problematic converted types, it would potentially lead to different consequences such as uaf or double free. I am reporting this issue for your attention.
The text was updated successfully, but these errors were encountered: