Headline
GHSA-fp5x-7m4q-449f: Direct Ring Buffer has uninitialized memory exposure in create_ring_buffer
The safe function create_ring_buffer allocates a buffer using Vec::with_capacity followed by set_len, creating a Box<[T]> containing uninitialized memory.
This leads to undefined behavior when functions like write_slices create typed slices (e.g., &mut [bool]) over the uninitialized memory, violating Rust’s validity invariants. The issue has been confirmed using Miri.
Fixed in version 0.2.2 by using resize_with to properly initialize the buffer with T::default(), adding a T: Default bound to ensure sound initialization.
- GitHub Advisory Database
- GitHub Reviewed
- GHSA-fp5x-7m4q-449f
Direct Ring Buffer has uninitialized memory exposure in create_ring_buffer
Low severity GitHub Reviewed Published Oct 21, 2025 to the GitHub Advisory Database • Updated Oct 21, 2025
Package
cargo direct_ring_buffer (Rust)
Affected versions
< 0.2.2
The safe function create_ring_buffer allocates a buffer using Vec::with_capacity followed by set_len, creating a Box<[T]> containing uninitialized memory.
This leads to undefined behavior when functions like write_slices create typed slices (e.g., &mut [bool]) over the uninitialized memory, violating Rust’s validity invariants. The issue has been confirmed using Miri.
Fixed in version 0.2.2 by using resize_with to properly initialize the buffer with T::default(), adding a T: Default bound to ensure sound initialization.
References
- ain1084/direct_ring_buffer#1
- ain1084/direct_ring_buffer#2
- https://rustsec.org/advisories/RUSTSEC-2025-0105.html
Published to the GitHub Advisory Database
Oct 21, 2025
Last updated
Oct 21, 2025