Hi, I am scanning the clickhouse-srv in the latest version with my own static analyzer tool.
Unsafe conversion found at: src/types/column/iter/mod.rs#L825
let inner = unsafe {
let mut inner: *const u8 = ptr::null();
column.get_internal(&[&mut inner], 0, props)?;
&*(inner as *const Vec<u8>)
};
This unsound implementation would create a misalignment issues if the type size of u8 is smaller than the type size of Vec<u8>.
This would potentially cause undefined behaviors in Rust. If we further manipulate the problematic converted types, it would potentially lead to different consequences such as access out-of-bound. I am reporting this issue for your attention.
Hi, I am scanning the clickhouse-srv in the latest version with my own static analyzer tool.
Unsafe conversion found at: src/types/column/iter/mod.rs#L825
This unsound implementation would create a misalignment issues if the type size of
u8
is smaller than the type size ofVec<u8>
.This would potentially cause undefined behaviors in Rust. If we further manipulate the problematic converted types, it would potentially lead to different consequences such as access out-of-bound. I am reporting this issue for your attention.