Unsound usages of `u8` type casting in spl-token-swap

The library provides a safe public API unpack to cast u8 array to arbitrary types, which can cause to undefined behaviors. The length check of array can only prevent out-of-bound access on the return type. However, it can't prevent misaligned pointer when casting u8 pointer to a type aligned to...

PT-2024-40316 · Solana · Solana Program Library

Name of the Vulnerable Software and Affected Versions: Solana Program Library affected versions not specified Description: The issue arises from the unpack function in the library, which casts a u8 array to arbitrary types. This can lead to undefined behaviors due to misaligned pointer dereferenc...

PT-2024-40952 · Pprof · Pprof

Name of the Vulnerable Software and Affected Versions: pprof versions prior to 0.14.0 Description: The issue arises from the unsafe usage of the std::slice::from raw parts API, specifically in the TempFdArrayIterator.next function and when validating addresses with type c void. This can lead to t...