search

GetFirefly / firefly

An alternative BEAM implementation, designed for WebAssembly
Apache License 2.0
3.61k stars 104 forks source link

Seq<T>: Data race allowed on T #727

Closed kuzeyardabulut closed 1 year ago

kuzeyardabulut commented 1 year ago

Hi, I found a memory-safety/soundness issue in this crate while scanning Rust code for potential vulnerabilities. This PR contains a fix for the issue.

Issue Description

Seq<T> unconditionally implements Sync. This allows users to create data races on T: !Sync. Such data races can lead to undefined behavior. https://github.com/GetFirefly/firefly/blob/8e89bc7ec33cb8ffa9a60283c8dcb7ff62ead5fa/compiler/util/src/seq.rs#L10