PT-2021-18555 · Unknown · Reorder Crate

Published 2021-02-24 · Updated 2021-08-25 · CVE-2021-29942
CVSS v2.0: 7.5 (High) · Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: reorder crate through 2021-02-24 for Rust
Description: The issue arises when the len() method of an iterator returns a value that is too large, causing swap_index to create a vector with uninitialized members. If the len() returned is smaller than the actual number of elements yielded, swap_index can write out of bounds past its allocated vector. According to the Rust documentation, len() and size_hint() are primarily meant for optimization, and incorrect values from them should not lead to memory safety violations.
Recommendations: For versions of the reorder crate through 2021-02-24, update to version 1.1.0 or later; previous versions have been yanked from crates.io. As a temporary workaround, use the swap_index function with caution, only with iterators whose len() method is known to return an accurate value, to avoid memory safety violations.
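Added example (not the reorder crate's own code): a swap_index that treats len() purely as a capacity hint and bounds-checks every write against the number of elements actually yielded. The function name and its semantics (inverse permutation: out[v] = i for each yielded (i, v)) are assumptions about the crate's API; the LyingLen iterator is a constructed test input whose len() is wrong in both directions.

```rust
// Added example, not the reorder crate's own code. The function name and its
// semantics (inverse permutation: out[v] = i for each yielded (i, v)) are
// assumptions about the crate's API; what matters is how len() is used.
#[derive(Debug, PartialEq)]
pub enum SwapIndexError { OutOfRange { index: usize, len: usize }, Duplicate(usize) }

pub fn swap_index<I: ExactSizeIterator<Item = usize>>(iter: I) -> Result<Vec<usize>, SwapIndexError> {
    // len() is consulted only as a capacity hint. Vec::with_capacity never
    // exposes uninitialized elements, so a wrong len() costs at most a realloc.
    let mut indices: Vec<usize> = Vec::with_capacity(iter.len());
    indices.extend(iter);
    // The real element count comes from what was actually yielded, not len().
    let n = indices.len();
    let mut out = vec![None; n];
    for (i, v) in indices.into_iter().enumerate() {
        // Every write is bounds-checked against n: a bad index is an error,
        // never an out-of-bounds write.
        if v >= n {
            return Err(SwapIndexError::OutOfRange { index: v, len: n });
        }
        if out[v].is_some() {
            return Err(SwapIndexError::Duplicate(v));
        }
        out[v] = Some(i);
    }
    // n distinct values in 0..n fill every slot, so unwrap cannot fail here.
    Ok(out.into_iter().map(|slot| slot.unwrap()).collect())
}

/// Constructed test input: len() claims `claimed` elements, but the iterator
/// actually yields `actual` elements (the indices actual-1 down to 0).
pub struct LyingLen { claimed: usize, actual: usize, pos: usize }

impl LyingLen {
    pub fn new(claimed: usize, actual: usize) -> Self { LyingLen { claimed, actual, pos: 0 } }
}

impl Iterator for LyingLen {
    type Item = usize;
    fn next(&mut self) -> Option<usize> {
        if self.pos == self.actual { return None; }
        self.pos += 1;
        Some(self.actual - self.pos)
    }
    // The default len() returns this lower bound (after asserting it equals the upper).
    fn size_hint(&self) -> (usize, Option<usize>) { (self.claimed, Some(self.claimed)) }
}

impl ExactSizeIterator for LyingLen {}
```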

Exploit

Fix

Memory Corruption


Weakness Enumeration

Related Identifiers

CVE-2021-29942
GHSA-3H87-V52R-P9RG
GHSA-JPWG-6GF5-5VH9
RUSTSEC-2021-0050

Affected Products

Reorder Crate