Cheerful Ottering

Also, given that this is an Unsound issue, I'm not sure if we should report it to RustSec?

Ok, I'm not quite familiar with the requirements of the report, thanks for clarification.

same for https://github.com/beling/bsuccinct-rs/blob/eeedbce79d01a441b365248fe8179556ef9f4a78/ph/src/seeds.rs#L101 which may also OOB.

ping

Yes, thanks for your reply! I think that's enough.

here is my PoC: ``` use std::ptr; pub struct sqlite3_index_info_sqlite3_index_constraint_usage { pub argvIndex: i32, pub omit: u8, } pub struct Constraint { //pub constraint: sqlite3_index_info_sqlite3_index_constraint, pub usage: *mut sqlite3_index_info_sqlite3_index_constraint_usage, //...

Maybe same unsoundness problem for https://github.com/asg017/sqlite-loadable-rs/blob/2c5c049c0c9e010a70b458fde459facf294befce/src/table.rs#L253 but this is because the new method didn't varify the pointer validity. and if pass a null pointer it may cause UB in https://github.com/asg017/sqlite-loadable-rs/blob/2c5c049c0c9e010a70b458fde459facf294befce/src/table.rs#L268

ping?

another samilar path is pub fn new -> fn parse_hex_field -> fn parse_str_field. I think a porper solution is add check in fn parse_str_field.