Hello, I found a soundness issue in this crate.
This implementation assumes that the pointer self.0 is valid, aligned, and points to initialized memory, but these assumptions are not enforced, leading to potential UB.
Description
The current implementation of the Arg struct contains unsafe methods (get and set) that allow undefined behavior (UB) when the underlying pointer (*mut T) is invalid, null, or points to uninitialized memory. This can result in memory safety violations in safe code, making the implementation unsound.
Proof of Unsoundness
// `Arg` is the crate's wrapper around `*mut T` (brought into scope from the crate; the path is omitted here)
fn main() {
    // Create a null pointer
    let dangling_ptr: *mut i32 = std::ptr::null_mut();
    // Construct Arg<T> with a null pointer
    let arg = Arg(dangling_ptr);
    // Call `get`, attempting to read from the null pointer
    let value = arg.get(); // UB: Reading from a null pointer
    println!("Value: {}", value); // Unpredictable behavior
}
Output
PS E:\Github\lwz> cargo run
Compiling lwz v0.1.0 (E:\Github\lwz)
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.32s
Running `target\debug\lwz.exe`
thread 'main' panicked at core\src\panicking.rs:223:5:
unsafe precondition(s) violated: ptr::copy_nonoverlapping requires that both pointer arguments are aligned and non-null and the specified memory ranges do not overlap
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
thread caused non-unwinding panic. aborting.
error: process didn't exit successfully: `target\debug\lwz.exe` (exit code: 0xc0000409, STATUS_STACK_BUFFER_OVERRUN)
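Added example (not the crate's code, and not part of the issue above): `UnsoundArg` is a reconstruction of the API shape the issue describes, a safe `get`/`set` pair over an unchecked `*mut T`, and `SoundArg` is one way to fix it. The fix moves the pointer requirements to construction: a safe constructor takes `&mut T`, which already guarantees non-null, aligned, initialized and exclusive access, and the raw-pointer constructor is `unsafe` with a documented contract, rejecting null and misaligned pointers outright. Names, the `'a` lifetime and the `Copy` bound on `get` are assumptions of this example.

```rust
use std::marker::PhantomData;
use std::ptr::NonNull;

/// Reconstructed shape of the unsound API from the issue (an assumption,
/// not the crate's source): the constructor is safe, so any null or dangling
/// pointer can reach the `unsafe` reads and writes below from safe code.
pub struct UnsoundArg<T>(pub *mut T);

impl<T: Copy> UnsoundArg<T> {
    pub fn get(&self) -> T {
        // UB if `self.0` is null, misaligned, dangling or uninitialized.
        unsafe { std::ptr::read(self.0) }
    }
    pub fn set(&self, v: T) {
        unsafe { std::ptr::write(self.0, v) }
    }
}

/// Sound replacement: the invariant "non-null, aligned, points to a live,
/// initialized `T` that nobody else touches for `'a`" is established by the
/// constructors, so the accessors can stay safe.
pub struct SoundArg<'a, T> {
    ptr: NonNull<T>,
    _marker: PhantomData<&'a mut T>,
}

impl<'a, T> SoundArg<'a, T> {
    /// Safe constructor: a `&mut T` already meets every requirement.
    pub fn from_mut(r: &'a mut T) -> Self {
        SoundArg { ptr: NonNull::from(r), _marker: PhantomData }
    }

    /// Raw-pointer constructor. Null and misaligned pointers are rejected
    /// before anything is dereferenced; validity and exclusivity cannot be
    /// checked at runtime, which is why the function is `unsafe`.
    ///
    /// # Safety
    /// A non-null, aligned `ptr` must point to an initialized `T` that stays
    /// valid and is not accessed through any other path during `'a`.
    pub unsafe fn from_raw(ptr: *mut T) -> Option<Self> {
        if (ptr as usize) % std::mem::align_of::<T>() != 0 {
            return None;
        }
        NonNull::new(ptr).map(|ptr| SoundArg { ptr, _marker: PhantomData })
    }

    pub fn get(&self) -> T
    where
        T: Copy,
    {
        // SAFETY: invariant established by the constructors.
        unsafe { *self.ptr.as_ptr() }
    }

    pub fn set(&mut self, v: T) {
        // SAFETY: same invariant; `&mut self` keeps access exclusive.
        unsafe { *self.ptr.as_ptr() = v }
    }
}

/// The unsound API works when the pointer happens to be valid, which is why
/// the bug goes unnoticed until someone passes a bad pointer.
pub fn unsound_works_only_by_luck() -> i32 {
    let mut x = 5;
    let arg = UnsoundArg(&mut x as *mut i32);
    arg.set(arg.get() * 2);
    x
}

/// The PoC's null pointer is refused at construction instead of being read.
pub fn null_is_rejected() -> bool {
    let null: *mut i32 = std::ptr::null_mut();
    unsafe { SoundArg::from_raw(null) }.is_none()
}

/// A deliberately misaligned `*mut u32` (odd address inside a u32 buffer).
pub fn misaligned_is_rejected() -> bool {
    let mut buf = [0u32; 2];
    let p = unsafe { (buf.as_mut_ptr() as *mut u8).add(1) } as *mut u32;
    unsafe { SoundArg::from_raw(p) }.is_none()
}

/// Normal use through the safe constructor.
pub fn round_trip() -> i32 {
    let mut x = 1;
    let mut arg = SoundArg::from_mut(&mut x);
    arg.set(arg.get() + 41);
    x
}

fn main() {
    println!("unsound, valid pointer: {}", unsound_works_only_by_luck());
    println!("null rejected: {}", null_is_rejected());
    println!("misaligned rejected: {}", misaligned_is_rejected());
    println!("round trip: {}", round_trip());
}
```

The `PhantomData<&'a mut T>` ties the wrapper to the borrow it was built from, so the compiler refuses to let the pointee be dropped or mutated elsewhere while a `SoundArg` built by `from_mut` is alive; `from_raw` cannot get that guarantee from the type system, which is exactly what its `unsafe` marker and safety comment communicate to callers.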