github tokio-rs/tokio tokio-1.14.1
Tokio v1.14.1
on GitHub

latest releases: tokio-stream-0.1.16, tokio-util-0.7.12, tokio-1.40.0...
2 years ago

This release backports a bug fix from 1.16.1

Fixes a soundness bug in io::Take (#4428). The unsoundness is exposed when
leaking memory in the given AsyncRead implementation and then overwriting the
supplied buffer: 

impl AsyncRead for Buggy {
    fn poll_read(
        self: Pin<&mut Self>,
        cx: &mut Context<'_>,
        buf: &mut ReadBuf<'_>
    ) -> Poll<Result<()>> {
      let new_buf = vec![0; 5].leak();
      *buf = ReadBuf::new(new_buf);
      buf.put_slice(b"hello");
      Poll::Ready(Ok(()))
    }
}

Fixed

  • io: soundness don't expose uninitialized memory when using io::Take in edge case (#4428)
Check out latest releases or
releases around tokio-rs/tokio tokio-1.14.1

Don't miss a new tokio release

NewReleases is sending notifications on new releases.

Get notifications