RUSTSEC-2020-0071: Potential segfault in the time crate #317

New issue

Open

opened 2022-07-01 00:04:15 +00:00 by github-actions[bot] · 0 comments

github-actions[bot] commented 2022-07-01 00:04:15 +00:00 (Migrated from github.com)

Copy link

Potential segfault in the time crate

Details
Package	time
Version	0.1.44
URL	https://github.com/time-rs/time/issues/293
Date	2020-11-18
Patched versions	>=0.2.23
Unaffected versions	=0.2.0,=0.2.1,=0.2.2,=0.2.3,=0.2.4,=0.2.5,=0.2.6

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

The affected functions from time 0.2.7 through 0.2.22 are:

• time::UtcOffset::local_offset_at
• time::UtcOffset::try_local_offset_at
• time::UtcOffset::current_local_offset
• time::UtcOffset::try_current_local_offset
• time::OffsetDateTime::now_local
• time::OffsetDateTime::try_now_local

The affected functions in time 0.1 (all versions) are:

• at
• at_utc
• now

Non-Unix targets (including Windows and wasm) are unaffected.

Patches

Pending a proper fix, the internal method that determines the local offset has been modified to always return None on the affected operating systems. This has the effect of returning an Err on the try_* methods and UTC on the non-try_* methods.

Users and library authors with time in their dependency tree should perform cargo update, which will pull in the updated, unaffected code.

Users of time 0.1 do not have a patch and should upgrade to an unaffected version: time 0.2.23 or greater or the 0.3 series.

Workarounds

No workarounds are known.

References

time-rs/time#293

See advisory page for additional details.

> Potential segfault in the time crate | Details | | | ------------------- | ---------------------------------------------- | | Package | `time` | | Version | `0.1.44` | | URL | [https://github.com/time-rs/time/issues/293](https://github.com/time-rs/time/issues/293) | | Date | 2020-11-18 | | Patched versions | `>=0.2.23` | | Unaffected versions | `=0.2.0,=0.2.1,=0.2.2,=0.2.3,=0.2.4,=0.2.5,=0.2.6` | ### Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library. The affected functions from time 0.2.7 through 0.2.22 are: - `time::UtcOffset::local_offset_at` - `time::UtcOffset::try_local_offset_at` - `time::UtcOffset::current_local_offset` - `time::UtcOffset::try_current_local_offset` - `time::OffsetDateTime::now_local` - `time::OffsetDateTime::try_now_local` The affected functions in time 0.1 (all versions) are: - `at` - `at_utc` - `now` Non-Unix targets (including Windows and wasm) are unaffected. ### Patches Pending a proper fix, the internal method that determines the local offset has been modified to always return `None` on the affected operating systems. This has the effect of returning an `Err` on the `try_*` methods and `UTC` on the non-`try_*` methods. Users and library authors with time in their dependency tree should perform `cargo update`, which will pull in the updated, unaffected code. Users of time 0.1 do not have a patch and should upgrade to an unaffected version: time 0.2.23 or greater or the 0.3 series. ### Workarounds No workarounds are known. ### References time-rs/time#293 See [advisory page](https://rustsec.org/advisories/RUSTSEC-2020-0071.html) for additional details.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/cargo/time-0.3.0

dependabot/cargo/env_logger-approx-0.9

dependabot/cargo/combine-approx-4.6

dependabot/cargo/rustc_version-approx-0.4

dependabot/add-v2-config-file

dependabot/cargo/rusqlite-approx-0.25

dependabot/cargo/tempfile-approx-3.2

gburd/replace-option-option

gh-pages

moz-pr/798

fluffyemily/store-management

fluffyemily/ios-docs

gh-pages-api-docs

fluffyemily/ios-ci

grisha/update-failure

buildtools-27.0.3-ndk-r15c-ndk-version-21-rust-stable-rust-beta

grisha/type_composition

fluffyemily/run-android-tests-travis

grisha/enumset

generic-automation-images

build-android-sdk

v0.8.2

grisha/syncable

entity-builder

grisha/tolstoy-concrete-error

doc-site-theme

fluffyemily/jekyll-docs

rnewman/renumber

grisha/sdkSample

grisha/androidBuild

grisha/gradlePublish

static_manager

rnewman/nn

grisha/updateGradle

fluffyemily/ffi-cache

fluffyemily/android-sdk-framework

rnewman/pull-keyword

rnewman/pull-nest

rnewman/arc

fluffyemily/ios-sdk-framework

fluffyemily/ffi_store

rnewman/basic-pull

rnewman/retract-schema

fluffyemily/query-builder

rnewman/tx-pred

fluffyemily/query-builder-take1

revert-ffi

rnewman/transact-watcher

rnewman/tx-log-observer

grisha/observers-sync

rnewman/edn-optimize

grisha/disable-ssl-add-issue-comments

rnewman/tutorial

grisha/tolstoy-reader

mozilla-grisha/tolstoy-reader

mozilla-eoger/tx-assertions

rnewman/type-hinting-nits

rnewman/tx-cardinality-one

rnewman/tx-assertions

rnewman/type-constraining-from-predicate

export_top_level_items

rnewman/simple-aggregates-2

fluffyemily/update_uuid

fluffyemily/cli

fluffemily/attributes

fluffyemily/tx-id-check

fluffyemily/type_tag_expansion

fluffyemily/expand_type_tags

rnewman/dedupe-args

rust

fluffyemily/read-from-file

fluffyemily/execute-edn

fluffyemily/start_mentat_in_cli

coverage

rnewman/bump-versions

rnewman/uuid

benchmarks-travis-test

rnewman/with

fluffyemily/not-not-join-rebased

fluffyemily/not-not-join

fluffyemily/parse-not-not-join

clojure

rnewman/no-ref

rnewman/parser-utils

rnewman/edn-printing

rnewman/parse-tx

rnewman/rebase-edn

database-explorer

other-crates

cli

bgrins-patch-1-1

bgrins-patch-1

rnewman/firefox

rnewman/unbound

rnewman/order-by-js

rnewman/generic-or

rnewman/joins

rnewman/fulltext-parse

transact-rewrite

rnewman/source-switcher

rnewman/negation

transact

sqlite-factory

rnewman/query

sqlite-schema

0.11.1

v0.11.0-3

v0.11.0-2

v0.11.0

v0.9.0

v0.10.0

v0.8.1

v0.8.0

0.3.1

v0.3.1

Labels

Clear labels   

A-build

  

A-cli

  

A-core

  

A-design

  

A-edn

  

A-ffi

  

A-query

  

A-sdk

  

A-sdk-android

  

A-sdk-ios

  

A-sync

  

A-transact

  

A-views

  

A-vocab

  

P-Android

  

P-desktop

  

P-iOS

  

bug

Something isn't working

  

correctness

  

dependencies

Pull requests that update a dependency file

  

dev-ergonomics

  

discussion

  

documentation

  

duplicate

This issue or pull request already exists

  

enhancement

New feature or request

  

enquiry

  

good first bug

  

good first issue

Good for newcomers

  

help wanted

Extra attention is needed

  

hygiene

  

in progress

  

invalid

This doesn't seem right

  

question

Further information is requested

  

ready

  

size

  

speed

  

wontfix

This will not be worked on

No labels

A-build

A-cli

A-core

A-design

A-edn

A-ffi

A-query

A-sdk

A-sdk-android

A-sdk-ios

A-sync

A-transact

A-views

A-vocab

P-Android

P-desktop

P-iOS

bug

correctness

dependencies

dev-ergonomics

discussion

documentation

duplicate

enhancement

enquiry

good first bug

good first issue

help wanted

hygiene

in progress

invalid

question

ready

size

speed

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: greg/mentat#317

No description provided.