Описание
Arbitrary return types in xcb
The function xcb::xproto::GetPropertyReply::value() returns a slice of type T where T is an unconstrained type parameter. The raw bytes received from the X11 server are interpreted as the requested type. The users of the xcb crate are advised to only call this function with the intended types. These are u8, u16, and u32.
This issue is tracked here: https://github.com/rust-x-bindings/rust-xcb/issues/95
Пакеты
xcb
< 1.0.0
1.0.0
Связанные уязвимости
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because bytes from an X server can be interpreted as any data type returned by xcb::xproto::GetPropertyReply::value.
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because bytes from an X server can be interpreted as any data type returned by xcb::xproto::GetPropertyReply::value.
An issue was discovered in the xcb crate through 2021-02-04 for Rust. ...