
Commit 83e4283

Update RUSTSEC-0000-0000.md
Update w/Alex's feedback.
1 parent 7d47527 commit 83e4283

1 file changed: +16 -5 lines changed

crates/openssl-probe/RUSTSEC-0000-0000.md

@@ -12,7 +12,7 @@ keywords = ["ssl", "openssl", "environment"]
1212

1313
[affected.functions]
1414
"openssl_probe::try_init_ssl_cert_env_vars" = ["< 0.1.6"]
15-
15+
"
1616
[affected]
1717
os = ["linux"]
1818

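Review bot: The added line 15 is a lone `"` where the original had a blank line, sitting between the `[affected.functions]` entry and `[affected]`. In this metadata block that opens a string that is never closed, so the advisory front matter will likely fail to parse; restore the blank line. Related: the body text in the next hunk now names both `init_ssl_cert_env_vars` and `try_init_ssl_cert_env_vars` as affected, but `[affected.functions]` still lists only `"openssl_probe::try_init_ssl_cert_env_vars"`, so consider adding the second function with the same `< 0.1.6` range.
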
@@ -33,15 +33,26 @@ added, or a variable's contents being enlarged.
3333
This is shown to occur on Linux, but it will also likely occur on any other platform where `getenv`
3434
and `setenv` are not thread-safe, though trigger conditions may vary widely.
3535

36+
## Rust's `set_env`
37+
38+
This crate, and all callers of the Rust `set_env` function (<https://doc.rust-lang.org/std/env/fn.set_var.html>)
39+
are unsound due to some early decisions in the Rust ecosystem that provided these functions without
40+
an `unsafe` marker. The real problem, however, lies in the POSIX standard which defines this method
41+
without making any sort of thread-safety guarantees.
42+
43+
In Rust's 2024 edition these environment setters are made `unsafe` and the documentation was updated to note
44+
that the only safe way to use these functions is in a single-threaded context.
45+
3646
## Affected Code
3747

38-
The affected function is `try_init_ssl_cert_env_vars` in
39-
<https://github.com/alexcrichton/openssl-probe/blob/db67c9e5b333b1b4164467b17f5d99207fad004c/src/lib.rs#L65>, and
48+
The affected functions are `init_ssl_cert_env_vars` and `try_init_ssl_cert_env_vars` in
49+
<https://github.com/alexcrichton/openssl-probe/blob/db67c9e5b333b1b4164467b17f5d99207fad004c/src/lib.rs#L52> and <https://github.com/alexcrichton/openssl-probe/blob/db67c9e5b333b1b4164467b17f5d99207fad004c/src/lib.rs#L65>, respectively, and
4050
any other library's function which may call this function directly or indirectly
41-
<https://github.com/search?q=try_init_ssl_cert_env_vars&type=code>. `native_tls <= 0.2.12` may
51+
<[https://github.com/search?q=try_init_ssl_cert_env_vars&type=code](https://github.com/search?q=try_init_ssl_cert_env_vars+OR+init_ssl_cert_env_vars&type=code)>. `native_tls <= 0.2.12` may
4252
do so in certain configurations <https://github.com/sfackler/rust-native-tls/blob/2424bc5efd1b8b4bcf60dbda93259a3f29db7f06/Cargo.toml>.
4353

44-
The crate's author released a fix in versions `>=0.1.6` which marks these functions as `unsafe` and `#[deprecated]`.
54+
The crate's author released a fix in versions `>=0.1.6` which marks these functions as `#[deprecated]` and adds
55+
new `unsafe` equivalents <https://github.com/alexcrichton/openssl-probe/commit/3ea7c1af24d7f03c5786872f06ff066e03b75138>.
4556

4657
## Alternative Mitigations
4758

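Review bot: The new section heading (new line 36) and its first sentence (new line 38) call the function `set_env`, but the URL cited right next to it is `std/env/fn.set_var.html`; the name should be `set_var` in both places. On new line 51 the search URL is written as a Markdown link wrapped in autolink angle brackets (`<[...](...)>`), and its visible text still searches only for `try_init_ssl_cert_env_vars` while the target adds `OR init_ssl_cert_env_vars`; use a single plain `<...>` autolink with the updated query so the rendered text and target agree. Minor: new lines 43-44 mix tenses ("are made `unsafe`" and "was updated"), and the sentence on new lines 48-50 still ends with "call this function" although two functions are now listed.
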