| Titolo | ouch-org ouch 0.3.1 Memory Corruption |
|---|
| Descrizione | When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convert_zip_date_time".
In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object,
the address of the object is changed to the uninitialized memory region.
After that, when other function tries to dereference "month", segmentation fault occurs.
github issue link : ( https://github.com/ouch-org/ouch/issues/707 ) |
|---|
| Fonte | ⚠️ https://github.com/rustsec/advisory-db/pull/2084/files |
|---|
| Utente | yewan (UID 82633) |
|---|
| Sottomissione | 21/03/2025 05:42 (1 Anno fa) |
|---|
| Moderazione | 30/03/2025 19:59 (10 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 302055 [ouch-org ouch fino a 0.3.1 zip.rs convert_zip_date_time mese buffer overflow] |
|---|
| Punti | 20 |
|---|