Cheerful Ottering

Results 58 comments of Cheerful Ottering

same for fetch_db_version_from_storage https://github.com/tursodatabase/libsql/blob/0c5b83faf1bff2ebd43105a3cf2021a4a6b459e3/libsql-sqlite3/ext/crr/rs/core/src/db_version.rs#L98

PoC:
```
// Proof of Concept demonstrating undefined behavior in buffer_as_slice
// This code uses only safe Rust to trigger UB in the unsafe function
// The problematic function (copied...
```

same problem for "buffer_as_slice_mut"

same for https://github.com/bbodi/rustarok/blob/7ea7abfa5631f74ad31ce0c2f0f8730c9ef70765/common/src/packets/mod.rs#L181 https://github.com/bbodi/rustarok/blob/7ea7abfa5631f74ad31ce0c2f0f8730c9ef70765/common/src/packets/mod.rs#L188 https://github.com/bbodi/rustarok/blob/7ea7abfa5631f74ad31ce0c2f0f8730c9ef70765/common/src/packets/mod.rs#L195 https://github.com/bbodi/rustarok/blob/7ea7abfa5631f74ad31ce0c2f0f8730c9ef70765/common/src/packets/mod.rs#L202

other bug:
```
15:24:17|RAP|INFO|: 2: Public function with direct parameter to unsafe operation: utf::u2s
15:24:17|RAP|INFO|: unsafe operations:
15:24:17|RAP|INFO|: (1) std::ffi::CStr::from_ptr(_8),
15:24:17|RAP|INFO|:
15:24:17|RAP|INFO|: 3: Public function with direct parameter to unsafe operation:...
```

https://github.com/sciter-sdk/rust-sciter/blob/789013a5353826b681c896eef489a450ece84c9c/src/utf.rs#L155 This is a similar problem, although here we check that the pointer is not null and that its length is not 0. But in practice any invalid pointer or...

same problem for https://github.com/intel/tsffs/blob/1556d0facc804e35b5696622868ea7d0c3a4b989/src/interfaces/fuzz.rs#L29 and https://github.com/intel/tsffs/blob/1556d0facc804e35b5696622868ea7d0c3a4b989/src/interfaces/fuzz.rs#L239
```
pub fn repro(&mut self, testcase_file: *mut c_char) -> Result {
    let simics_path = unsafe { CStr::from_ptr(testcase_file) }.to_str()?;
    let testcase_file = lookup_file(simics_path)?;
    debug!(self.as_conf_object(), "repro({})",...
```

Thanks for your reply. I went through that code again and found that all those `from_ptr` results are handled by `?`, so I suppose there will be a panic instead of...