| Title | ouch-org ouch 0.3.1 Memory Corruption |
|---|
| Description | When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convert_zip_date_time".
In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object,
the address of the object is changed to the uninitialized memory region.
After that, when other function tries to dereference "month", segmentation fault occurs.
github issue link : ( https://github.com/ouch-org/ouch/issues/707 ) |
|---|
| Source | ⚠️ https://github.com/rustsec/advisory-db/pull/2084/files |
|---|
| User | yewan (UID 82633) |
|---|
| Submission | 03/21/2025 05:42 (1 Year ago) |
|---|
| Moderation | 03/30/2025 19:59 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 302055 [ouch-org ouch up to 0.3.1 zip.rs convert_zip_date_time month memory corruption] |
|---|
| Points | 20 |
|---|