Headline
GHSA-pqpw-89w5-82v5: `simd-json-derive` vulnerable to `MaybeUninit` misuse
An invalid use of MaybeUninit::uninit().assume_init() in simd-json-derive's derive macro can cause undefined behavior. The original code used MaybeUninit to avoid initialisation of the struct and then set the fields using ptr::write. The undefined behavior triggered by this misuse of MaybeUninit can lead to invlaid memory access and panics in binaries compiled in release mode (aka simd-json-derive prior to version 0.12 has UB and optimizes into some nonsense)
The version 0.12.0 removes this section of code, avoiding the use of MaybeUninit alltogether.
- GitHub Advisory Database
- GitHub Reviewed
- GHSA-pqpw-89w5-82v5
`simd-json-derive` vulnerable to `MaybeUninit` misuse
Moderate severity GitHub Reviewed Published Nov 12, 2024 to the GitHub Advisory Database • Updated Nov 12, 2024
Package
cargo simd-json-derive (Rust)
Affected versions
< 0.12.0
An invalid use of MaybeUninit::uninit().assume_init() in simd-json-derive’s derive macro can cause undefined behavior. The original code used MaybeUninit to avoid initialisation of the struct and then set the fields using ptr::write. The undefined behavior triggered by this misuse of MaybeUninit can lead to invlaid memory access and panics in binaries compiled in release mode (aka simd-json-derive prior to version 0.12 has UB and optimizes into some nonsense)
The version 0.12.0 removes this section of code, avoiding the use of MaybeUninit alltogether.
References
- simd-lite/simd-json-derive#67
- https://rustsec.org/advisories/RUSTSEC-2023-0087.html
Published to the GitHub Advisory Database
Nov 12, 2024
Last updated
Nov 12, 2024