Advisory Database
  • Advisories
  • Dependency Scanning
  1. cargo
  2. ›
  3. array-queue
  4. ›
  5. GHSA-xqjr-wfx3-gmxv

GHSA-xqjr-wfx3-gmxv: ArrayQueue's push_front is not panic-safe

September 2, 2025

The safe API array_queue::ArrayQueue::push_front can lead to deallocating uninitialized memory if a panic occurs while invoking the clone method on the passed argument.

Specifically, push_front receives an argument that is intended to be cloned and pushed, whose type implements the Clone trait. Furthermore, the method updates the queue’s start index before initializing the slot for the newly pushed element. User-defined implementations of Clone may include a clone method that can panic. If such a panic occurs during initialization, the structure is left with an advanced start index pointing to an uninitialized slot. When ArrayQueue is later dropped, its destructor treats that slot as initialized and attempts to drop it, resulting in an attempt to free uninitialized memory.

The bug was fixed in commit 728fe1b.

References

  • github.com/advisories/GHSA-xqjr-wfx3-gmxv
  • github.com/raviqqe/array-queue
  • github.com/raviqqe/array-queue/commit/728fe1bdffb04896d218e962d989a2ae6bf1ea92
  • github.com/raviqqe/array-queue/issues/3
  • rustsec.org/advisories/RUSTSEC-2025-0054.html

Code Behaviors & Features

Detect and mitigate GHSA-xqjr-wfx3-gmxv with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →

Affected versions

All versions starting from 0.3.0 before 0.4.0

Fixed versions

  • 0.4.0

Solution

Upgrade to version 0.4.0 or above.

Weakness

  • CWE-665: Improper Initialization

Source file

cargo/array-queue/GHSA-xqjr-wfx3-gmxv.yml

Spotted a mistake? Edit the file on GitLab.

  • Site Repo
  • About GitLab
  • Terms
  • Privacy Statement
  • Contact

Page generated Thu, 04 Sep 2025 00:19:34 +0000.