Unchecked pointer offset in crate memmap2
Affected versionf of memmap2 did not perform enough validation on the offset and len parameters of
Mmap::[unchecked_]advise_range(),
MmapMut::[unchecked_]advise_ranage()
and MmapMut::flush[_async]_range().
This can cause undefined behavior due to invalid values being passed to pointer::offset() and pointer::add()
when passing an out-of-bounds range to any of the affected functions.
The flaw was corrected in commit [cee7cf0] and released in version 0.9.11.
The invalid pointer is not dereferenced,
but it is passed to the madvise and msync syscalls and their Windows equivalents.
[cee7cf0] RazrFalcon/memmap2-rs@cee7cf0
See advisory page for additional details.
memmap20.9.10Affected versionf of
memmap2did not perform enough validation on theoffsetandlenparameters ofMmap::[unchecked_]advise_range(),MmapMut::[unchecked_]advise_ranage()and
MmapMut::flush[_async]_range().This can cause undefined behavior due to invalid values being passed to
pointer::offset()andpointer::add()when passing an out-of-bounds range to any of the affected functions.
The flaw was corrected in commit [
cee7cf0] and released in version0.9.11.The invalid pointer is not dereferenced,
but it is passed to the
madviseandmsyncsyscalls and their Windows equivalents.[
cee7cf0] RazrFalcon/memmap2-rs@cee7cf0See advisory page for additional details.