vec_deque::Iter has unsound Debug implementation

Question

vec_deque::Iter has unsound Debug implementation

RalfJung opened this issue 6 years ago · 1 comments

Found by @MaloJaffre: The following code causes UB (not observable through crashes, but still):

use std::collections::VecDeque;
fn main() {
    println!("{:?}", VecDeque::<u32>::new().iter());
}

This will create a VecDeque ring with capacity 8, then turn that into a slice for Iter, and then print that entire slice. Run it in Miri to see for yourself (Miri is in the "tools" menu).

Answer 1 · 2019-07-19T11:19:05.000Z

This was assigned CVE-2019-1010299.