bdk-cli icon indicating copy to clipboard operation
bdk-cli copied to clipboard
verified publisher icon bitcoindevkit

RUSTSEC-2022-0046: Out-of-bounds read when opening multiple column families with TTL

Open github-actions[bot] opened this issue 3 years ago • 1 comments

Out-of-bounds read when opening multiple column families with TTL

Details
Package rocksdb
Version 0.14.0
URL https://github.com/rust-rocksdb/rust-rocksdb/pull/616
Date 2022-05-11
Patched versions >=0.19.0

Affected versions of this crate called the RocksDB C API rocksdb_open_column_families_with_ttl() with a pointer to a single integer TTL value, but one TTL value for each column family is expected.

This is only relevant when using rocksdb::DBWithThreadMode::open_cf_descriptors_with_ttl() with multiple column families.

This bug has been fixed in v0.19.0.

See advisory page for additional details.

github-actions[bot] avatar Aug 14 '22 01:08 github-actions[bot]

Well need to update rocksdb in bdk first, then we can fix this in bdk-cli.

notmandatory avatar Aug 25 '22 00:08 notmandatory