bdk
RUSTSEC-2021-0145: Potential unaligned read
| Details | |
|---|---|
| Package | atty |
| Version | 0.2.14 |
| Warning | unsound |
| URL | https://github.com/softprops/atty/issues/50 |
| Patched Versions | n/a |
| Aliases | GHSA-g98v-hv3f-hcfr |
On Windows, atty dereferences a potentially unaligned pointer.
In practice, however, the pointer won't be unaligned unless a custom global allocator is used.
In particular, the System allocator on Windows uses HeapAlloc, which guarantees a large enough alignment.
atty is Unmaintained
A Pull Request with a fix was provided over a year ago, but the maintainer seems to be unreachable.
Last release of atty was almost 3 years ago.
Possible Alternative(s)
The below list has not been vetted in any way and may or may not contain alternatives:
- std::io::IsTerminal - Stable since Rust 1.70.0
- is-terminal - Standalone crate supporting Rust older than 1.70.0
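The bug class the advisory describes, as an added example that is not atty's code and not part of the original issue: a byte buffer only guarantees 1-byte alignment, so casting its pointer to a more strictly aligned struct and dereferencing it is undefined behaviour unless the allocator happens to align it. The `LenPrefixed` record, the `Aligned` buffer and the sample values are hypothetical and constructed for the demonstration; the sound form uses `ptr::read_unaligned`.

```rust
use std::mem::{align_of, size_of};
use std::ptr;

// Hypothetical record layout, constructed for this example (not a Windows or atty type).
#[repr(C)]
#[derive(Debug, Clone, Copy, PartialEq)]
struct LenPrefixed {
    len: u32,
    tag: u16,
    flags: u16,
}

/// True if `p` satisfies the alignment `T` requires for a plain dereference.
fn is_aligned_for<T>(p: *const u8) -> bool {
    (p as usize) % align_of::<T>() == 0
}

/// Sound read: bounds-checked, and correct at any address.
/// The unsound form would be `unsafe { *(buf.as_ptr() as *const LenPrefixed) }`,
/// which is undefined behaviour whenever `is_aligned_for` is false.
fn read_record(buf: &[u8]) -> Option<LenPrefixed> {
    if buf.len() < size_of::<LenPrefixed>() {
        return None;
    }
    // SAFETY: length checked above; read_unaligned has no alignment requirement,
    // and every bit pattern is valid for these integer fields.
    Some(unsafe { ptr::read_unaligned(buf.as_ptr() as *const LenPrefixed) })
}

// Backing storage with known 8-byte alignment, so offset 1 is provably misaligned.
#[repr(align(8))]
struct Aligned([u8; 16]);

fn sample() -> Aligned {
    let mut a = Aligned([0u8; 16]);
    // Constructed sample record placed at offset 1 (native endianness).
    a.0[1..5].copy_from_slice(&7u32.to_ne_bytes());
    a.0[5..7].copy_from_slice(&0xBEEFu16.to_ne_bytes());
    a.0[7..9].copy_from_slice(&1u16.to_ne_bytes());
    a
}

fn main() {
    let a = sample();
    let view = &a.0[1..];
    println!("aligned for record: {}", is_aligned_for::<LenPrefixed>(view.as_ptr()));
    println!("{:?}", read_record(view));
}
```

Running the unsound cast under Miri reports the misaligned dereference, which is a practical way to check a dependency for this class of issue.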
@notmandatory can I work on this and test the viability of the 2 possible alternatives and revert back?