Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Rust’s recent releases 1.34.0 and 1.34.1 affected from a vulnerability that can cause memory unsafety

Save for later
  • 2 min read
  • 14 May 2019

article-image

Last week, the Rust team was informed about a vulnerability in Rust’s standard library, the details of which they shared yesterday. The vulnerability is caused by a function that was stabilized in the Rust 1.34.0 and 1.34.1 versions. The Common Vulnerabilities and Exposures (CVE) Id for this vulnerability is CVE-2019-12083.

What is the vulnerability?


The Rust standard library contains the `Error::type_id` method, which allows you to acquire TypeId (a globally unique identifier for a type) of the underlying error type to downcast back to the original type. The vulnerability happens when the method is manually implemented or interacts with ‘Error::downcast’ family of functions to cast a type to the wrong type.

Though the standard library has a default implementation of ‘Error::type_id’, it can also be manually implemented by downstream crates. This can cause security issues such as out of bounds reads and writes. If your code does not have a manual implementation of ‘Error::type_id’, then it is safe.

This vulnerability affects two versions, Rust 1.34.0 and 1.34.1, which were released last month. Also, since the function has been a part of all the releases starting from Rust 1.0.0, this vulnerability may have affected the code compiled with the nightly distribution as well.

Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at $19.99/month. Cancel anytime

What are the mitigation steps?


The Rust team recommends to immediately remove the manual implementations of Error::type_id and inherit the default implementation which is a safe option. As a long term measure, the team plans to destabilize this function, which will be a breaking change for users calling Error::type_id and for users overriding Error::type_id.

The team further wrote, “We will be releasing a 1.34.2 point release on 2019-05-14 (tomorrow) which reverts #58048 and destabilizes the Error::type_id function. The upcoming 1.35.0 release along with the beta/nightly channels will also all be updated with a destabilization.

Read the full announcement on Rust’s official website.

Rust shares roadmap for 2019

Rust 1.34 releases with alternative cargo registries, stabilized TryFrom and TryInto, and more

Chris Dickinson on how to implement Git in Rust