
Add advisory for zipora undefined behavior

Open lewismosciski opened this issue 2 months ago • 3 comments

The safe function fast_prefetch_range accepts a raw pointer without validation, allowing undefined behavior through pointer wraparound.

Details

  • Affects versions < 2.0.1
  • Fixed in v2.0.1 by changing API to accept &[u8] instead of raw pointer
  • Maintainer confirmed and patched: https://github.com/infinilabs/zipora/issues/10

lewismosciski, Oct 21 '25 13:10
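To make the advisory's point concrete, here is a hypothetical reconstruction of the unsound pattern and of the v2.0.1-style fix. This is an added example, not zipora's code: the function bodies, the `prefetch_hint` stand-in and `end_wraps` are assumptions.

```rust
use std::hint::black_box;

const CACHE_LINE: usize = 64;

/// Stand-in for a hardware prefetch hint (the real thing is an
/// architecture-specific intrinsic). Touching the address is enough here.
#[inline]
fn prefetch_hint(p: *const u8) {
    black_box(p);
}

/// Before the fix (hypothetical reconstruction): a *safe* function that trusts
/// a caller-supplied pointer and length. Nothing stops a caller passing a
/// dangling pointer, or a `len` that makes `ptr + len` wrap around the address
/// space, so `ptr.add(i)` below can be undefined behaviour even though the
/// caller never wrote `unsafe`. That is the soundness bug the advisory reports.
pub fn fast_prefetch_range_unsound(ptr: *const u8, len: usize) {
    let mut i = 0;
    while i < len {
        // UB unless `ptr..ptr+len` lies inside one live allocation.
        prefetch_hint(unsafe { ptr.add(i) });
        i += CACHE_LINE;
    }
}

/// Detects the wraparound case the raw-pointer API could be handed: an end
/// address that overflows `usize`. A `&[u8]` can never describe such a range.
pub fn end_wraps(ptr: *const u8, len: usize) -> bool {
    (ptr as usize).checked_add(len).is_none()
}

/// After the fix: accept `&[u8]`. The slice invariant guarantees `data` is a
/// live, in-bounds range, so no `unsafe` is needed and no caller input can
/// produce UB. Returns the number of cache lines hinted so it can be checked.
pub fn fast_prefetch_range(data: &[u8]) -> usize {
    let mut lines = 0;
    for chunk in data.chunks(CACHE_LINE) {
        prefetch_hint(chunk.as_ptr());
        lines += 1;
    }
    lines
}
```

The raw-pointer version compiles without complaint because the `unsafe` block is hidden inside a safe signature; the slice version moves the validation into the type system, which is why the API change is the fix rather than an extra runtime check.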

@bindiego are you okay with this advisory being published?

@lewismosciski the RustSec project by policy typically requires maintainers to consent to advisories. If you're going to file lots of these, please bring along the maintainers where possible.

djc, Oct 21 '25 16:10

Hi @djc, thanks for the heads-up on the policy.

All advisories I filed are for issues that have already been confirmed and patched by the maintainers.

I'm signing off for the day, but I'll contact the maintainers for these pending advisories to get their consent here when I'm back.

One follow-up question: For future reference, what is the policy if a maintainer doesn't respond to a vulnerability report after a reasonable amount of time? Is publishing an advisory still possible then?

lewismosciski, Oct 21 '25 16:10

> One follow-up question: For future reference, what is the policy if a maintainer doesn't respond to a vulnerability report after a reasonable amount of time? Is publishing an advisory still possible then?

See https://github.com/rustsec/advisory-db/blob/main/HOWTO_UNMAINTAINED.md.

djc, Oct 21 '25 18:10