fast-able possible unsound public API
I cannot find a way to create a PR/issue on the upstream project, so I cannot reference a link to this report.
I don't think there's actually a soundness bug here.
The reason is a bit silly: the src/vec.rs file isn't actually used when building the crate. Instead, the relevant mod statement uses a #[path] attribute to replace the path with src/vec2.rs. I can't speak for the soundness of the overall crate, but you can see the real implementation of SyncVec::get_uncheck doesn't have an unsafe block.
Oh, I should add more details. The version of the crate that has this issue is 1.11.7. Link: https://docs.rs/crate/fast-able/1.11.7/source/src/vec.rs. Would you verify whether this version of the code aligns with the description? If yes, I will add the detailed version info.
Ah, version 1.11.7 does seem to be vulnerable. A quick way to check is to go to the docs.rs page for a specific version and click the "source" link on SyncVec::get_uncheck.
Sounds good. I will add this detail to the md file.
@guoyucode we'd like to publish an advisory for this -- is that okay with you?
@djc Should we publish it? No response from @guoyucode for months.