Описание
Data races in signal-simple
Affected versions of this crate unconditionally implement Send/Sync for SyncChannel. SyncChannel doesn't provide access to &T but merely serves as a channel that consumes and returns owned T.
Users can create UB in safe Rust by sending T: !Send to other threads with SyncChannel::send/recv APIs. Using T = Arc<Cell<_> allows to create data races (which can lead to memory corruption), and using T = MutexGuard allows to unlock a mutex from a thread that didn't lock the mutex.
Пакеты
Наименование
signal-simple
rust
Затронутые версииВерсия исправления
<= 0.1.1
Отсутствует
Связанные уязвимости
CVSS3: 8.1
nvd
больше 4 лет назад
An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel<T>.