Skip to content

Commit

Permalink
Assigned RUSTSEC-2024-0431 to xous (#2184)
Browse files Browse the repository at this point in the history
Co-authored-by: Shnatsel <[email protected]>
  • Loading branch information
github-actions[bot] and Shnatsel authored Dec 28, 2024
1 parent 8e49577 commit 3c6d318
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .duplicate-id-guard
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
This file causes merge conflicts if two ID assignment jobs run concurrently.
This prevents duplicate ID assignment due to a race between those jobs.
97956887ce91190352cda430ea9fe4bd91127d344a9c891801efe1e0a3e186ba -
aad38777d2c1ccadc744a9c8f822e35c79415e87b192c5752fa69e54775e58dc -
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
id = "RUSTSEC-2024-0431"
package = "xous"
date = "2024-12-23"
url = "https://github.com/betrusted-io/xous-core/issues/410"
Expand All @@ -20,4 +20,4 @@ functions = {"xous::definitions::MemoryRange::as_slice" = ["< 0.9.51"], "xous::d

We consider `as_slice` and `as_slice_mut` unsound because: the pointer with any bit patterns could be cast to the slice of arbitrary types. The pointer could be created by unsafe new and deprecated `from_parts`. We consider that `from_parts` should be removed in latest version because it will help trigger unsoundness in `as_slice`. With new declared as unsafe, `as_slice` should also declared as unsafe.

This was patched in by marking two functions as `unsafe`.
This was patched in by marking two functions as `unsafe`.

0 comments on commit 3c6d318

Please sign in to comment.