impl `FromMdbValue` for bool is unsound

The implementation of FromMdbValue has several unsoundness issues. First of all, it allows to reinterpret arbitrary bytes as a bool and could make undefined behavior happen with safe function. Secondly, it allows transmuting pointer without taking memory layout into consideration. The details of...

CVE-2019-25004

An issue was discovered in the flatbuffers crate before 0.6.1 for Rust. Arbitrary bytes can be reinterpreted as a bool, defeating soundness...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in flatbuffers crate in versions of Mozilla Rust prior to 0.6.1, which stems from the fact that an arbitrary byte can be reinterpreted as a bool.No details of the vulnerability ar...

RUSTSEC-2019-0028 Unsound `impl Follow for bool`

The implementation of impl Follow for bool allows to reinterpret arbitrary bytes as a bool. In Rust bool has stringent requirements for its in-memory representation. Use of this function allows to violate these requirements and invoke undefined behaviour in safe code...