Описание
Integer overflow in base64
Affected versions of this crate suffered from an integer overflow bug when
calculating the size of a buffer to use when encoding base64 using the
encode_config_buf and encode_config functions. If the input string
was large, this would cause a buffer to be allocated that was too small.
Since this function writes to the buffer using unsafe code, it would
allow an attacker to write beyond the buffer, causing memory corruption
and possibly the execution of arbitrary code.
This flaw was corrected by using checked arithmetic to calculate the size of the buffer.
Пакеты
base64
< 0.5.2
0.5.2
Связанные уязвимости
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when c ...