Fix invalid drop impl call in `Report::downcast`

eyre-rs / eyre

A trait object based error handling type for easy idiomatic error handling and reporting in Rust applications

Apache License 2.0

1.35k stars 63 forks source link

Fix invalid drop impl call in `Report::downcast` #143

Closed ten3roberts closed 8 months ago

ten3roberts commented 8 months ago

The context chain downcast called converted to the wrong inner type which caused the wrong drop impl to be called.

The tests did not catch this because they had compatible drop implementations due to matching type layout. Solved by swizzling the fields of the chain test types to force incompatible layouts

Resolves: #141

thenorili commented 8 months ago

Great catch, and clever work on the test!

stevepryde commented 7 months ago

Any reason why this fix hasn't been released yet (and affected versions yanked)? It's a known soundness issue in a popular crate.

thenorili commented 7 months ago

Thanks for pointing that out. There were some cross wires and folks thought it had made it into the last release when it had not. Working on it!