An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. In the affected versions of this crate, merge_sort::merge()
wildly duplicates and drops ownership of T
without guarding against double-free. Due to such implementation, simply invoking merge_sort::merge()
on Vec<T: Drop>
can cause double free bugs.
CPE | Name | Operator | Version |
---|---|---|---|
algorithmica | le | 0.1.8 |