Closed kuzeyardabulut closed 1 year ago
Hi, I found a memory-safety/soundness issue in this crate while scanning Rust code for potential vulnerabilities. This PR contains a fix for the issue.
https://github.com/notify-rs/notify/blob/5f40b83c04b04893a42f91b55e4ceeef3777d47c/notify/src/windows.rs#L281-L310
If a panic!() occurs between the Box::new() function and std::mem::forget, a double free vulnerability emerges.
Box::new()
std::mem::forget
Related Issue
Thanks to the other reviewers.
0xpr03
commented
1 year ago
Hi, I found a memory-safety/soundness issue in this crate while scanning Rust code for potential vulnerabilities. This PR contains a fix for the issue.
Issue Description
https://github.com/notify-rs/notify/blob/5f40b83c04b04893a42f91b55e4ceeef3777d47c/notify/src/windows.rs#L281-L310
If a panic!() occurs between the
Box::new()function andstd::mem::forget, a double free vulnerability emerges.Related Issue