RUSTSEC-2019-0028: Unsound `impl Follow for bool`
Closed this issue · 1 comments
github-actions commented
Unsound
impl Follow for bool
| Details | |
|---|---|
| Package | flatbuffers |
| Version | 0.6.0 |
| URL | google/flatbuffers#5530 |
| Date | 2019-10-20 |
| Unaffected versions | < 0.4.0 |
The implementation of impl Follow for bool allows to reinterpret arbitrary bytes as a bool.
In Rust bool has stringent requirements for its in-memory representation. Use of this function
allows to violate these requirements and invoke undefined behaviour in safe code.
See advisory page for additional details.