RUSTSEC-2022-0034
(unsound)
on 2022-07-22: Safety issues in
pkcs11
This crate has no reviews yet. To add a review, set up your cargo-crev.
Lib.rs has been able to verify that all files in the crate's tarball are in the crate's repository with a git tag matching the version. Please note that this check is still in beta, and absence of this confirmation does not mean that the files don't match.
Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories, so there is a possibility that published crates have a misleading repository URL, or contain different code from the code in the repository.
To review the actual code of the crate, it's best to use cargo crev open pkcs11. Alternatively, you can download the tarball of pkcs11 v0.5.0 or view the source online.
Impact
The interface of
pkcs11is subject to a number of safety issues, mainly related to handling of raw pointers. Despite presenting a safe interface, many of the functions and methods that rely on inputs which contain pointers (attributes and mechanisms in particular) can lead to segmentation faults and undefined behaviour when those pointers get dereferenced. For more details see the issues referenced below.Other problems that have been identified by the community include use-after-free (mheese/rust-pkcs11#53) and unsound uses of
transmute_copy(mheese/rust-pkcs11#55).Workarounds
Users of the crate need to be extremely careful in all the calls made to avoid segmentation faults and undefined behaviour due to use of stale pointers. Whenever a pointer is derived from a value and passed to the library, that value's lifetime must be guaranteed to outlast all calls that rely on the pointer. For example, users should avoid creating or converting values within a separate scope (say, in a dedicated function), deriving a pointer, then extracting the pointer from that scope leaving the value to get dropped before passing the pointer to
pkcs11.References