CVE-2021-26954: insert_slice_clone can double drop if Clone panics.

May 24, 2022 (updated June 13, 2023)

Affected versions of this crate used ptr::copy when inserting into the middle of a Vec. When ownership was temporarily duplicated during this copy, it calls the clone method of a user provided element.

This issue can result in an element being double-freed if the clone call panics.

Commit 20cb73d fixed this issue by adding a set_len(0) call before operating on the vector to avoid dropping the elements during a panic.

References

github.com/advisories/GHSA-68p4-pjpf-xwcq
github.com/qwertz19281/rust_utils
github.com/qwertz19281/rust_utils/commit/20cb73d
github.com/qwertz19281/rust_utils/issues/3
nvd.nist.gov/vuln/detail/CVE-2021-26954
rustsec.org/advisories/RUSTSEC-2021-0018.html

Code Behaviors & Features

Detect and mitigate CVE-2021-26954 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →