Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1xdmM0LTc4Z3ctcHY4cM4AAy8O
Adverserial use of `make_bitflags!` macro can cause undefined behavior
The macro relied on an expression of the form Enum::Variant always being a
variant of the enum. However, it may also be an associated integer constant, in
which case there's no guarantee that the value of said constant consists only of
bits valid for this bitflag type.
Thus, code like this could create an invalid BitFlags<Test>, which would cause
iterating over it to trigger undefined behavior. As the debug formatter
internally iterates over the value, it is also affected.
use enumflags2::{bitflags, make_bitflags};
#[bitflags]
#[repr(u8)]
#[derive(Copy, Clone, Debug)]
enum Test {
A = 1,
B = 2,
}
impl Test {
const C: u8 = 69;
}
fn main() {
let x = make_bitflags!(Test::{C});
// printing or iterating over x is UB
}
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xdmM0LTc4Z3ctcHY4cM4AAy8O
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 1 year ago
Updated: about 1 year ago
Identifiers: GHSA-qvc4-78gw-pv8p
References:
- https://github.com/meithecatte/enumflags2/releases/tag/v0.7.7
- https://rustsec.org/advisories/RUSTSEC-2023-0035.html
- https://github.com/advisories/GHSA-qvc4-78gw-pv8p
Blast Radius: 0.0
Affected Packages
cargo:enumflags2
Dependent packages: 100Dependent repositories: 4,305
Downloads: 14,965,960 total
Affected Version Ranges: >= 0.7.0, < 0.7.7
Fixed in: 0.7.7
All affected versions: 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.7.4, 0.7.5, 0.7.6
All unaffected versions: 0.5.0, 0.5.1, 0.5.2, 0.6.0, 0.6.1, 0.6.2, 0.6.3, 0.6.4, 0.7.7, 0.7.8, 0.7.9