Описание
os_str_bytes relies on undefined behavior of char::from_u32_unchecked
The Windows implementation of this crate relied on the behavior of std::char::from_u32_unchecked when its safety clause is violated. Even though this worked with Rust versions up to 1.42 (at least), that behavior could change with any new Rust version, possibly leading a security issue.
The flaw was corrected in version 2.0.0.
Пакеты
Наименование
os_str_bytes
rust
Затронутые версииВерсия исправления
< 2.0.0
2.0.0
Связанные уязвимости
CVSS3: 7.5
nvd
около 5 лет назад
An issue was discovered in the os_str_bytes crate before 2.0.0 for Rust. It has false expectations about char::from_u32_unchecked behavior.