As mentioned in #109, the base C library that underlies this crate is quite deliberately... ah...not for using on untrusted input. The RUSTSEC or some other folks like the maintainers of tools like cargo vet, cargo deny, etc. may have some input on how to discourage people from picking up this crate casually just because it happens to have the stb_image name and they might be familiar with the C library.
As mentioned in #109, the base C library that underlies this crate is quite deliberately... ah...not for using on untrusted input. The RUSTSEC or some other folks like the maintainers of tools like
cargo vet,cargo deny, etc. may have some input on how to discourage people from picking up this crate casually just because it happens to have thestb_imagename and they might be familiar with the C library.