Unsound usages of unsafe implementation about c_void #27

@llooFlashooll

Hi, I am scanning this crate in the latest version using my own static analyzer tool.

Unsafe pointer conversion is found at: src/netmap_user.rs:16

pub unsafe fn _NETMAP_OFFSET<T, U>(ptr: *mut U, offset: isize) -> *mut T {
    ((ptr as *mut c_char).offset(offset) as *mut c_void) as *mut T
}

This unsound implementation would create memory issues such as overflow, underflow, or misalignment, since the type is converted to c_void (1 byte, 8 bits). The attacker can manipulate the argument offset associated with the c_void pointer with a large value, as well as T and U, which can lead to a buffer overflow bug.

This would cause undefined behaviors in Rust. Adversaries can manipulate the associated arguments to cause memory safety bugs. I am reporting this issue for your attention.
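
A bounds- and alignment-checked form of the same pointer computation, as an added example that is not part of the original report or the crate's code. The names `checked_offset`, `OffsetError` and `Region` are hypothetical, and the 64-byte buffer is a constructed stand-in for the mapped region.

```rust
use std::mem::{align_of, size_of};

#[derive(Debug, PartialEq)]
pub enum OffsetError { Overflow, OutOfBounds, Misaligned }

/// Constructed stand-in for a mapped region; 8-byte aligned like a page would be.
#[repr(C, align(8))]
pub struct Region(pub [u8; 64]);

/// Hypothetical checked counterpart of `_NETMAP_OFFSET` (name and signature
/// are assumptions): resolves `ptr + offset` to a `*const T` only if the
/// whole `T` lies inside `region` and the address is aligned for `T`.
pub fn checked_offset<T, U>(region: &[u8], ptr: *const U, offset: isize)
    -> Result<*const T, OffsetError>
{
    let start = region.as_ptr() as usize;
    let end = start + region.len(); // a valid slice never wraps the address space
    // Do the arithmetic on integers so an oversized offset cannot wrap silently.
    let addr = (ptr as usize).checked_add_signed(offset).ok_or(OffsetError::Overflow)?;
    let last = addr.checked_add(size_of::<T>()).ok_or(OffsetError::Overflow)?;
    if addr < start || last > end {
        return Err(OffsetError::OutOfBounds);
    }
    if addr % align_of::<T>() != 0 {
        return Err(OffsetError::Misaligned);
    }
    // Derive the result from the slice pointer so it keeps the region's provenance.
    Ok(region.as_ptr().wrapping_add(addr - start) as *const T)
}

fn main() {
    let mut buf = Region([0u8; 64]);
    buf.0[8..12].copy_from_slice(&0xdead_beef_u32.to_ne_bytes());
    let region = &buf.0[..];
    let base = region.as_ptr();
    for off in [8isize, 1, 61, 64, -4, isize::MAX] {
        match checked_offset::<u32, u8>(region, base, off) {
            // Safe to read: bounds and alignment were just verified.
            Ok(p) => println!("offset {off}: ok, value {:#x}", unsafe { p.read() }),
            Err(e) => println!("offset {off}: rejected ({e:?})"),
        }
    }
}
```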
