{"id":"RUSTSEC-2023-0045","summary":"memoffset allows reading uninitialized memory","details":"memoffset allows attempt of reading data from address `0` with arbitrary type. This behavior is an undefined behavior because address `0` to `std::mem::size_of\u003cT\u003e` may not have valid bit-pattern with `T`. Old implementation dereferences uninitialized memory obtained from `std::mem::align_of`. Older implementation prior to it allows using uninitialized data obtained from `std::mem::uninitialized` with arbitrary type then compute offset by taking the address of field-projection. This may also result in an undefined behavior for \"father\" that includes (directly or transitively) type that [does not allow to be uninitialized](https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html).\n\nThis flaw was corrected by using `std::ptr::addr_of` in \u003chttps://github.com/Gilnaa/memoffset/pull/50\u003e.","aliases":["GHSA-wfg4-322g-9vqv"],"modified":"2023-11-08T04:23:47.381762Z","published":"2023-06-21T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/memoffset"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2023-0045.html"},{"type":"REPORT","url":"https://github.com/Gilnaa/memoffset/issues/24"}],"affected":[{"package":{"name":"memoffset","ecosystem":"crates.io","purl":"pkg:cargo/memoffset"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.6.2"}]}],"ecosystem_specific":{"affects":{"arch":[],"os":[],"functions":["memoffset::offset_of"]},"affected_functions":null},"database_specific":{"cvss":null,"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2023-0045.json","categories":["memory-corruption"],"informational":"unsound"}}],"schema_version":"1.7.3"}