We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
const-cstr is Unmaintained
const-cstr
0.3.0
Last release was about five years ago.
The maintainer(s) have been unreachable to respond to any issues that may or may not include security issues.
The repository is now archived and there is no security policy in place to contact the maintainer(s) otherwise.
No direct fork exist.
The crate violates the safety contract of ffi::CStr::from_bytes_with_nul_unchecked used in ConstCStr::as_cstr
ConstCStr::as_cstr
No interior nul bytes checking is done either by the constructor or the canonical macro to create the ConstCStr
ConstCStr
Additionally the crate may cause runtime panics if statically compiled and ran with any untrusted data that is not nul-terminated.
This is however unlikely but the the crate should not be used for untrusted data in context where panic may create a DoS vector.
The below may or may not provide alternative(s)
See advisory page for additional details.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
const-cstr
0.3.0
Last release was about five years ago.
The maintainer(s) have been unreachable to respond to any issues that may or may not include security issues.
The repository is now archived and there is no security policy in place to contact the maintainer(s) otherwise.
No direct fork exist.
const-cstr is Unsound
The crate violates the safety contract of ffi::CStr::from_bytes_with_nul_unchecked used in
ConstCStr::as_cstr
No interior nul bytes checking is done either by the constructor or the canonical macro to create the
ConstCStr
const-cstr Panic
Additionally the crate may cause runtime panics if statically compiled and ran with any untrusted data that is not nul-terminated.
This is however unlikely but the the crate should not be used for untrusted data in context where panic may create a DoS vector.
Possible Alternatives
The below may or may not provide alternative(s)
See advisory page for additional details.
The text was updated successfully, but these errors were encountered: