Audit flate2 #32
Comments
Following the work done by @oyvindln as part of #2, when using the Rust backend (miniz_oxide) it's already almost 100% safe. The only remaining unsafety in that path is passing a slice of uninitialized memory to be filled: https://github.com/alexcrichton/flate2-rs/blob/537fb77132a15b772fcc9c35a4c8c679d40aedf7/src/mem.rs#L317-L323 The outer function accepts the output buffer as Exposure of uninitialized memory can be easily avoided by passing the
Opened an issue on flate2 project about the above: rust-lang/flate2-rs#220
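An added illustration of the pattern discussed in the first comment, not code from flate2, miniz_oxide or any commenter: the spare capacity of a `Vec<u8>` is handed to a fill routine as a slice, and zeroing that region first means the callee never sees uninitialized bytes. `fill_spare` and `toy_fill` are hypothetical names, and the inputs are constructed.

```rust
/// Hypothetical helper (not flate2's API): lets `fill` write into the spare
/// capacity of `out` without exposing uninitialized bytes. `fill` gets a
/// zeroed slice and returns how many bytes it wrote.
fn fill_spare<F>(out: &mut Vec<u8>, fill: F) -> usize
where
    F: FnOnce(&mut [u8]) -> usize,
{
    let len = out.len();
    let cap = out.capacity();
    // Zero the spare region. Growing only up to the existing capacity does
    // not reallocate, so the cost is one memset of the unused tail.
    out.resize(cap, 0);
    let claimed = fill(&mut out[len..]);
    // Never trust the callee's count beyond what the slice could hold.
    let written = claimed.min(cap - len);
    out.truncate(len + written);
    written
}

/// Constructed stand-in for a decompressor: copies as much of `src` as fits.
fn toy_fill(src: &[u8], dst: &mut [u8]) -> usize {
    let n = src.len().min(dst.len());
    dst[..n].copy_from_slice(&src[..n]);
    n
}

fn main() {
    let mut out = Vec::with_capacity(8);
    out.extend_from_slice(b"hdr:");
    let n = fill_spare(&mut out, |dst| toy_fill(b"payload-too-long", dst));
    println!("wrote {} bytes, out = {:?}", n, String::from_utf8_lossy(&out));

    // A fill routine that writes nothing but over-reports its count: the
    // caller sees zeros, not stale heap contents, and the length is clamped.
    let mut out2: Vec<u8> = Vec::with_capacity(4);
    fill_spare(&mut out2, |_| usize::MAX);
    println!("over-reporting fill -> {:?}", out2);
}
```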
@Shnatsel are we tracking the "if we had {X} we could remove unsafe" somewhere to have some ability to quantify relative value of different priorities?
Sort of? We have #34 for now, not sure if we need a more permanent place for collecting these.
https://crates.io/crates/flate2
Frontend to a number of DEFLATE compression/decompression libraries: zlib, miniz and miniz_oxide. 11,000 downloads/day, exposed to untrusted data from the network through reqwest 😱