{"id":"RUSTSEC-2023-0033","summary":"Parsing borsh messages with ZST which are not-copy/clone is unsound","details":"Affected versions of borsh cause undefined behavior when zero-sized-types (ZST) \nare parsed and the Copy/Clone traits are not implemented/derived.\nFor instance if 1000 instances of a ZST are deserialized, and the ZST is not copy \n(this can be achieved through a singleton), then accessing/writing to deserialized \ndata will cause a segmentation fault.\n\nThere is currently no way for borsh to read data without also providing a Rust type. \nTherefore, if not ZST are used for serialization, then you are not affected by this issue.","aliases":["GHSA-fjx5-qpf4-xjf2"],"modified":"2024-09-23T15:02:17Z","published":"2023-04-12T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/borsh"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2023-0033.html"},{"type":"REPORT","url":"https://github.com/near/borsh-rs/issues/19"},{"type":"WEB","url":"https://github.com/near/borsh-rs/pull/136"}],"affected":[{"package":{"name":"borsh","ecosystem":"crates.io","purl":"pkg:cargo/borsh"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.10.4"},{"introduced":"0.11.0-0"},{"fixed":"1.0.0-alpha.1"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"os":[],"functions":[],"arch":[]}},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2023-0033.json","informational":"unsound","cvss":null,"categories":["memory-corruption"]}}],"schema_version":"1.7.3"}