File tree 1 file changed +29
-0
lines changed 1 file changed +29
-0
lines changed Original file line number Diff line number Diff line change 1+ ``` toml
2+ [advisory ]
3+ id = " RUSTSEC-0000-0000"
4+ package = " futures-intrusive"
5+ date = " 2020-10-31"
6+ url = " https://github.com/Matthias247/futures-intrusive/issues/53"
7+ categories = [" memory-corruption"
8+ keywords = [" concurrency"
9+ informational = " unsound"
10+
11+ [versions ]
12+ patched = []
13+ ```
14+
15+ # GenericMutexGuard allows data races of non-Sync types across threads
16+
17+ ` GenericMutexGuard<T> ` was given the ` Sync ` auto trait as long as ` T ` is ` Send `
18+ due to its contained members. However, since the guard is supposed to represent
19+ an ** acquired lock** and allows concurrent access to the underlying data from
20+ different threads, it should only be ` Sync ` when the underlying data is.
21+
22+ This is a soundness issue and allows data races, potentially leading to crashes
23+ and segfaults from safe Rust code.
24+
25+ The flaw was corrected by adding a ` T: Send + Sync ` bound for
26+ ` GenericMutexGuard ` 's ` Sync ` trait.
27+
28+ This bug is [ similar to one] ( https://github.com/rust-lang/rust/issues/41622 ) in
29+ ` std::sync::Mutex ` .
You can’t perform that action at this time.
0 commit comments