Hi, thanks for your time to read this issue.
Our static analyzer finds a potential unsoundness issue in the construction of Trailer, where it doesn't provide enough checks to ensure soundness.
trailer/src/lib.rs, lines 18 to 25 in d474984:

```rust
pub fn new(capacity: usize) -> Trailer<T> {
    unsafe {
        let trailer = Trailer::allocate(capacity);
        let ptr = trailer.ptr as *mut T;
        ptr.write(T::default());
        trailer
    }
}
```
The constructor does not check that T is not a ZST in Rust, and allocating with size 0 is considered undefined behavior in Rust. A PoC like the one below can trigger it:
```rust
use trailer::Trailer;

// A zero-sized type: size_of::<Zst>() == 0.
#[derive(Default)]
struct Zst;

fn main() {
    // capacity 0 plus a zero-sized header: the allocation request has size 0.
    let a = Trailer::<Zst>::new(0);
    drop(a);
}
```
Thanks again for your time.
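As an added illustration (not code from the trailer crate or the reporter), the snippet below shows a minimal trailer-style allocator, here called `MiniTrailer`, that computes the `Layout` first and refuses a zero-sized or overflowing request before any `unsafe` allocation runs; the struct, `layout_for` and `try_new` names are hypothetical.

```rust
use std::alloc::{alloc, dealloc, handle_alloc_error, Layout};
use std::marker::PhantomData;
use std::mem::{align_of, size_of};

/// Hypothetical minimal trailer: a header `T` followed by `capacity` trailing bytes.
pub struct MiniTrailer<T> {
    ptr: *mut u8,
    layout: Layout,
    _marker: PhantomData<T>,
}

/// Compute the allocation layout, refusing what `alloc` cannot accept:
/// a zero-sized allocation (UB under the GlobalAlloc contract) or a size overflow.
pub fn layout_for<T>(capacity: usize) -> Option<Layout> {
    let size = size_of::<T>().checked_add(capacity)?;
    if size == 0 {
        return None; // e.g. a ZST header with capacity 0
    }
    Layout::from_size_align(size, align_of::<T>()).ok()
}

impl<T: Default> MiniTrailer<T> {
    /// Fallible constructor: the layout check runs before any unsafe code.
    pub fn try_new(capacity: usize) -> Option<Self> {
        let layout = layout_for::<T>(capacity)?;
        // SAFETY: `layout` has non-zero size, as guaranteed by `layout_for`.
        let ptr = unsafe { alloc(layout) };
        if ptr.is_null() {
            handle_alloc_error(layout);
        }
        // SAFETY: `ptr` is fresh, aligned for `T`, and at least size_of::<T>() bytes long.
        unsafe { (ptr as *mut T).write(T::default()) };
        Some(MiniTrailer { ptr, layout, _marker: PhantomData })
    }

    /// Number of trailing bytes available after the header.
    pub fn capacity(&self) -> usize {
        self.layout.size() - size_of::<T>()
    }
}

impl<T> Drop for MiniTrailer<T> {
    fn drop(&mut self) {
        // SAFETY: `ptr` was allocated with `layout` in `try_new`; the header is initialized.
        unsafe {
            std::ptr::drop_in_place(self.ptr as *mut T);
            dealloc(self.ptr, self.layout);
        }
    }
}
```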