{"id":"RUSTSEC-2025-0032","summary":"Safe API can cause heap-buffer-overflow","details":"ffi::nstr() should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow.","aliases":["GHSA-58xc-hpvq-8473"],"modified":"2025-10-28T06:29:23.114976Z","published":"2025-03-27T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/redox_uefi_std"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0032.html"},{"type":"WEB","url":"https://gitlab.redox-os.org/redox-os/uefi/-/commit/b711d47e815665b0ec8949e39292ad8e3fdd0756"}],"affected":[{"package":{"name":"redox_uefi_std","ecosystem":"crates.io","purl":"pkg:cargo/redox_uefi_std"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.1.8"},{"fixed":"0.1.14"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"arch":[],"functions":["redox_uefi_std::ffi::nstr"],"os":[]}},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0032.json","categories":["memory-corruption"],"cvss":null,"informational":"unsound"}}],"schema_version":"1.7.3"}