Add advisory for soundness bug in simd-json-derive < 0.12

Signed-off-by: Heinz N. Gies <[email protected]>
rustsec · Oct 14, 2023 · 2f4ceed · 2f4ceed
1 parent 58c33af
commit 2f4ceed
Showing 1 changed file with 28 additions and 0 deletions.
diff --git a/crates/simd-json-derive/RUSTSEC-0000-0000.md b/crates/simd-json-derive/RUSTSEC-0000-0000.md
@@ -0,0 +1,28 @@
+```toml
+[advisory]
+
+id = "RUSTSEC-0000-0000"
+
+package = "simd-json-derive"
+
+date = "2023-10-14"
+
+
+url = "https://github.com/simd-lite/simd-json-derive/issues/67"
+
+informational = "unsound"
+
+categories = []
+
+# Freeform keywords which describe this vulnerability, similar to Cargo (optional)
+keywords = ["panic", "undefined behavior"]
+
+[versions]
+patched = [">= 0.12.0"]
+```
+
+# `MaybeUninit` misuse in `simd-json-derive`
+
+An invalid use of `MaybeUninit::uninit().assume_init()` in `simd-json-derive`'s derive macro can cause undefined behavior. The original code used `MaybeUninit` to avoid initialisation of the struct and then set the fields using `ptr::write`. The undevinded behavior triggered by this misuse of `MaybeUninit` can lead to invlaid memory access and panics in binaries compiled in release mode.
+
+The `0.12.0` removes this section of code, avoiding the use of MaybeUninit alltogether.