Описание
Data races in lexer
lexer is a plugin based lexical reader.Affected versions of this crate implements Sync for ReaderResult<T, E> with the trait bound T: Send, E: Send. Since matching on the public enum ReaderResult<T, E> provides access to &T & &E, allowing data race to a non-Sync type T or E. This can result in a memory corruption when multiple threads concurrently access &T or &E. Suggested fix for the bug is change the trait bounds imposed on T & E to be T: Sync, E: Sync.
Пакеты
Наименование
lexer
rust
Затронутые версииВерсия исправления
<= 0.1.16
Отсутствует
Связанные уязвимости
CVSS3: 8.1
nvd
больше 4 лет назад
An issue was discovered in the lexer crate through 2020-11-10 for Rust. For ReaderResult<T, E>, there is an implementation of Sync with a trait bound of T: Send, E: Send.