diff --git a/crates/zerocopy/RUSTSEC-0000-0000.md b/crates/zerocopy/RUSTSEC-0000-0000.md new file mode 100644 index 000000000..dabdebf7a --- /dev/null +++ b/crates/zerocopy/RUSTSEC-0000-0000.md @@ -0,0 +1,31 @@ +```toml +[advisory] +id = "RUSTSEC-0000-0000" +package = "zerocopy" +date = "2023-12-14" +url = "https://github.com/google/zerocopy/issues/716" +keywords = ["ref", "refcell", "mutable-aliasing"] + +[versions] +patched = [">= 0.2.9, < 0.3.0", ">= 0.3.2, < 0.4.0", ">= 0.4.1, < 0.5.0", ">= 0.5.2, < 0.6.0", ">= 0.6.6, < 0.7.0", ">= 0.7.31"] +unaffected = ["< 0.2.2"] + +[affected.functions] +"zerocopy::Ref::into_ref" = [">= 0.2.2, < 0.2.9", ">= 0.3.0, < 0.3.2", ">= 0.4.0, < 0.4.1", ">= 0.5.0, < 0.5.2", ">= 0.6.0, < 0.6.6", ">= 0.7.0, < 0.7.31"] +"zerocopy::Ref::into_mut" = [">= 0.2.2, < 0.2.9", ">= 0.3.0, < 0.3.2", ">= 0.4.0, < 0.4.1", ">= 0.5.0, < 0.5.2", ">= 0.6.0, < 0.6.6", ">= 0.7.0, < 0.7.31"] +"zerocopy::Ref::into_slice" = [">= 0.2.2, < 0.2.9", ">= 0.3.0, < 0.3.2", ">= 0.4.0, < 0.4.1", ">= 0.5.0, < 0.5.2", ">= 0.6.0, < 0.6.6", ">= 0.7.0, < 0.7.31"] +"zerocopy::Ref::into_mut_slice" = [">= 0.2.2, < 0.2.9", ">= 0.3.0, < 0.3.2", ">= 0.4.0, < 0.4.1", ">= 0.5.0, < 0.5.2", ">= 0.6.0, < 0.6.6", ">= 0.7.0, < 0.7.31"] +``` + +# Some Ref methods are unsound with some type parameters + +The `Ref` methods `into_ref`, `into_mut`, `into_slice`, and `into_slice_mut` are unsound +and may allow safe code to exhibit undefined behavior when used with `Ref` where `B` +is [`cell::Ref`](https://doc.rust-lang.org/core/cell/struct.Ref.html) or +[`cell::RefMut`](https://doc.rust-lang.org/core/cell/struct.RefMut.html). Note that these +methods remain sound when used with `B` types other than `cell::Ref` or `cell::RefMut`. + +See https://github.com/google/zerocopy/issues/716 for a more in-depth analysis. + +The current plan is to yank the affected versions soon. See +https://github.com/google/zerocopy/issues/679 for more detail.