Описание
insert_slice_clone can double drop if Clone panics.
Affected versions of this crate used ptr::copy when inserting into the middle of a Vec. When ownership was temporarily duplicated during this copy, it calls the clone method of a user provided element.
This issue can result in an element being double-freed if the clone call panics.
Commit 20cb73d fixed this issue by adding a set_len(0) call before operating on the vector to avoid dropping the elements during a panic.
Пакеты
Наименование
qwutils
rust
Затронутые версииВерсия исправления
< 0.3.1
0.3.1
Связанные уязвимости
CVSS3: 5.3
nvd
почти 5 лет назад
An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop.