[advisory]
id = "RUSTSEC-0000-0000"
package = "fast-able"
date = "2025-04-25"
categories = ["memory-corruption"]
[versions]
patched = []
unaffected = []At src/vec.rs:
impl<V> SyncVec<V>
where
V: Clone,
{
pub fn to_vec(&self) -> Vec<V> {
let mut v = Vec::new();
for i in self.iter() {
v.push(i.clone());
}
v
}
}
impl<V> SyncVec<V> {
...
#[inline]
pub fn get_uncheck(&self, index: usize) -> &V {
unsafe { (&*self.dirty.get()).get_unchecked(index) }
}The public accessible struct SyncVec has a public method get_unchecked. It accept a parameter index and used in the get_unchecked without sufficient checks as mentioned here. In Rust, safe function should not cause memory risks.