# Crate audit records in what appears to be the cargo-vet `audits.toml` layout:
# [criteria.*] tables define the audit levels, and [[audits.<crate>]] entries
# record who reviewed which version (or version delta) against which criteria.
#
# `implies` chains as declared below:
#   ub-risk-0 -> ub-risk-1 -> ub-risk-2 -> ub-risk-3 -> ub-risk-4
#   ub-risk-1-thorough -> ub-risk-1, ub-risk-2-thorough -> ub-risk-2
#   does-not-implement-crypto -> crypto-safe
# ub-risk-4 ("Extreme unsoundness") is the end of the chain, so every ub-risk-*
# audit satisfies it, including entries whose notes list open soundness bugs.
# A consumer policy should require the level it actually needs, not merely
# "an audit exists".
#
# NOTE(review): every `who` value on this page ends in a trailing space, and one
# (fast-float) is only an address fragment; presumably an `<email>` part was lost
# in extraction. Restore from the upstream file before relying on reviewer identity.

[criteria.crypto-safe]
description = """
All crypto algorithms in this crate have been reviewed by a relevant expert.
**Note**: If a crate does not implement crypto, use `does-not-implement-crypto`,
which implies `crypto-safe`, but does not require expert review in order to audit for."""

# Per its own description this can be certified without crypto expertise, yet it
# implies `crypto-safe`. A policy that requires `crypto-safe` is therefore also
# met by this non-expert attestation.
[criteria.does-not-implement-crypto]
description = """
Inspection reveals that the crate in question does not attempt to implement any
cryptographic algorithms on its own.
Note that certification of this does not require an expert on all forms of
cryptography: it's expected for crates we import to be \"good enough\" citizens,
so they'll at least be forthcoming if they try to implement something cryptographic.
When in doubt, please ask an expert."""
implies = "crypto-safe"

[criteria.ub-risk-0]
description = """
No unsafe code.
Full description of the audit criteria can be found at
https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-0
"""
implies = "ub-risk-1"

[criteria.ub-risk-1]
description = """
Excellent soundness.
Full description of the audit criteria can be found at
https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-1
"""
implies = "ub-risk-2"

[criteria.ub-risk-1-thorough]
description = """
Excellent soundness (established in a thorough review).
Full description of the audit criteria can be found at
https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-1-thorough
"""
implies = "ub-risk-1"

[criteria.ub-risk-2]
description = """
Negligible unsoundness or average soundness.
Full description of the audit criteria can be found at
https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-2
"""
implies = "ub-risk-3"

[criteria.ub-risk-2-thorough]
description = """
Negligible unsoundness or average soundness (established in a thorough review).
Full description of the audit criteria can be found at
https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-2-thorough
"""
implies = "ub-risk-2"

[criteria.ub-risk-3]
description = """
Mild unsoundness or suboptimal soundness.
Full description of the audit criteria can be found at
https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-3
"""
implies = "ub-risk-4"

# No `implies`: this is the weakest level, and every other ub-risk-* level reaches it.
[criteria.ub-risk-4]
description = """
Extreme unsoundness.
Full description of the audit criteria can be found at
https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-4
"""

# Audits. A `version` entry covers that release as a whole; a `delta` entry covers
# only the change between two releases. An entry that lists no crypto criterion
# makes no statement about cryptographic correctness.
# NOTE(review): table keys mix `_` and `-` (both `jj_cli` and `jj-cli` appear
# below). Verify each key against the exact published package name; a key that
# does not match would presumably not be applied to the crate it was meant for.

[[audits.android_logger]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.13.3"
notes = "Reviewed in CL 559548165"

[[audits.anstream]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.3.2"
notes = "Reviewed in CL 559376670"

[[audits.anstream]]
who = "Ben Saunders "
criteria = ["ub-risk-4"]
version = "0.6.5"
notes = """Reviewed in CL 596713982
Issues found:
- https://github.com/rust-cli/anstyle/issues/156
- Exhaustive review of utf8 soundness not performed
"""

[[audits.anstyle]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "1.0.0"
notes = "Reviewed in CL 559404826"

[[audits.anstyle_query]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "1.0.0"
notes = "Reviewed in CL 559375925"

[[audits.anstyle-parse]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.2.1"
notes = "Reviewed in CL 559131783"

[[audits.anymap]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "1.0.0-beta2"
notes = "Reviewed in CL 558118223"

[[audits.base64ct]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "1.6.0"
notes = "Reviewed in CL 592910669"

[[audits.bit-set]]
who = [ "Manish Goregaokar ", "Augie Fackler " ]
criteria = ["ub-risk-2"]
version = "0.5.3"
notes = """Reviewed in CL 615008047
Uses unsafe operations from bit-vec that are not actually unsafe.
"""

[[audits.bitflags]]
who = "Taylor Cramer "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "2.3.3"
notes = "Reviewed in CL 545304270"

[[audits.btoi]]
who = "Ben Saunders "
criteria = ["ub-risk-0", "does-not-implement-crypto"]
version = "0.4.3"
notes = "Reviewed in CL 581228675"

[[audits.bumpalo]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "3.14.0"
notes = "Reviewed in CL 574186321"

[[audits.bytecount]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.6.7"
notes = """Reviewed in CL 596699465
Is sound, but needs safety docs
"""

[[audits.bytemuck]]
who = [ "Manish Goregaokar ", "Ɓukasz Anforowicz " ]
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "1.13.1"
notes = "Reviewed in CL 561111794"

[[audits.byteorder]]
who = "Alyssa Haroldsen "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "1.4.3"
notes = """Reviewed in CL 559206679
Issues found:
- https://github.com/BurntSushi/byteorder/issues/194
"""

# The recorded criterion stays ub-risk-4. The ub-risk-3 reading in the notes is
# conditional on the intended platform and is visible only to a human reader.
[[audits.caliptra_cfi]]
who = "Taylor Cramer "
criteria = ["ub-risk-4"]
version = "0.1.0"
notes = """Reviewed in CL 609792409
Rating is ub-risk-4 because this crate makes assumptions about single-threadedness.
However, on the platform it is intended for, this is fine and can be treated as having ub-risk-3.
Issues found: https://github.com/chipsalliance/caliptra-cfi/pull/10
"""

[[audits.chalk_ir]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.92.0"
notes = "Reviewed in CL 558137822"

[[audits.chalk_ir]]
who = "Manish Goregaokar "
criteria = ["ub-risk-0"]
version = "0.95.0"
notes = "Reviewed in CL 599467162"

[[audits.clap_lex]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.5.0"
notes = """Reviewed in CL 559377426
Issues:
- Unsound transmutes from OsStr to [u8] (https://github.com/clap-rs/clap/issues/5280)
- (optional) Incorrect safety comment (https://github.com/clap-rs/clap/pull/5281)
"""

# NOTE(review): this delta starts at 0.5.1, but the full audit above is for 0.5.0
# and no 0.5.0 -> 0.5.1 entry is visible here; confirm the base is covered elsewhere.
[[audits.clap_lex]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
delta = "0.5.1 -> 0.6.0"
notes = """Reviewed in CL 596708333
Issues:
- Unsound transmutes from OsStr to [u8] (https://github.com/clap-rs/clap/issues/5280)
- (optional) Incorrect safety comment (https://github.com/clap-rs/clap/pull/5281)
"""

[[audits.clru]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.6.1"
notes = "Reviewed in CL 581562557"

[[audits.command_group]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "2.0.1"
notes = """Reviewed in CL 561009596
Issues found:
- https://github.com/watchexec/command-group/issues/20
- https://github.com/watchexec/command-group/issues/19
"""

[[audits.constant_time_eq]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.3.0"
notes = "Reviewed in CL 587904821"

[[audits.countme]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "3.0.1"
notes = "Reviewed in CL 558181122"

[[audits.crc32c]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.6.5"
notes = """Reviewed in CL 608991681
Does not have much unsafe (some use of hardware intrinsics, one bit of pointer manipulation).
However, the unsafe isn't documented enough.
Can be upgraded to a rating 2 or 1 with some unsafe documentation.
"""

[[audits.crc32fast]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "1.3.2"
notes = "Reviewed in CL 558895300"

[[audits.crossterm]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.26.1"
notes = """Reviewed in CL 562140151
Issues:
- Internal API permits buffer overruns (https://github.com/crossterm-rs/crossterm/pull/821)
"""

[[audits.crossterm]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
delta = "0.26.1 -> 0.27.0"
notes = """Reviewed in CL 566337315
Issues:
- Internal API permits buffer overruns (https://github.com/crossterm-rs/crossterm/pull/821)
"""

[[audits.ctor]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.2.4"
notes = """Reviewed in CL 552861146
Issues found:
- https://github.com/mmastrac/rust-ctor/pull/294
- https://github.com/mmastrac/rust-ctor/pull/293
"""

[[audits.ctrlc]]
who = "Taylor Cramer "
criteria = ["ub-risk-3"]
version = "3.4.0"
notes = "Reviewed in CL 587904024"

# Only ub-risk-1 is recorded: this entry covers memory safety and carries no
# `crypto-safe` certification for the crate's cryptography.
[[audits.curve25519-dalek]]
who = "Ben Saunders "
criteria = ["ub-risk-1"]
version = "4.0.0"
notes = "Reviewed in CL 557134163"

[[audits.curve25519-dalek-derive]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.1.0"
notes = """Reviewed in CL 557129495
Issues found:
- https://github.com/dalek-cryptography/curve25519-dalek/issues/563
"""

[[audits.deranged]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "0.3.9"
notes = "Reviewed in CL 579385986"

[[audits.encoding_rs]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.8.33"
notes = """Reviewed in CL 605370461
Needs extensive safety comments:
- https://github.com/hsivonen/encoding_rs/pull/101
"""

[[audits.enumflags2]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.7.8"
notes = "Reviewed in CL 603523557"

[[audits.errno]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.2.8"
notes = "Reviewed in CL 567624402"

[[audits.error-chain]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.12.4"
notes = "Reviewed in CL 545732008"

[[audits.ethnum]]
who = "Ben Saunders "
criteria = ["ub-risk-4"]
version = "1.5.0"
notes = """Reviewed in CL 624267108
Issues found:
- error.rs: Unsoundly transmutes into std error types, making assumptions about stability and layout
- fmt.rs: GenericRadix trait should be unsafe
- fmt.rs: fmt_u256 has safety comments that are incorrect
"""

# NOTE(review): the CL number is missing after "Reviewed in", and the second
# `who` entry has no name. Fill both in from the review record.
[[audits.fast-float]]
who = [ "Augie Fackler ", "< manishearth@google.com>" ]
criteria = ["ub-risk-4"]
version = "0.2.0"
notes = """Reviewed in
Issues found:
- https://github.com/aldanor/fast-float-rust/issues/37 (multiple issues)
"""

[[audits.faster-hex]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.8.1"
notes = """Reviewed in CL 579318683
Issues found:
- https://github.com/nervosnetwork/faster-hex/pull/39
"""

[[audits.fdt]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.1.5"
notes = """Reviewed in CL 565675584
No usage of unsafe; one public unsafe function with documented invariants.
"""

[[audits.filetime]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.2.19"
notes = "Reviewed in CL 559795004"

[[audits.fixedbitset]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.2.0"
notes = "Reviewed in CL 559071858"

[[audits.flate2]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "1.0.24"
notes = """Reviewed in CL 558916134
Issues found:
- Uninitialized memory: https://github.com/rust-lang/flate2-rs/pull/373
Minor code quality suggestions:
- Defense in depth on dangling pointers (https://github.com/rust-lang/flate2-rs/issues/379)
- set_len usage relies on tricky undocumented invariants (incidentally fixed by PR #373)
"""

[[audits.flate2]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
delta = "1.0.24 -> 1.0.27"
notes = """Reviewed in CL 572611911
Same review as previous
"""

[[audits.flate2]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
delta = "1.0.27 -> 1.0.28"
notes = """Reviewed in CL 573223148
Issues from previous review (#379, #220) fixed (PRs #380, #373).
"""

# The ub-risk-3 rating comes with a usage caveat that exists only in the notes:
# the crate opens file descriptors that may come from untrusted sources.
[[audits.fleetspeak]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.4.0"
notes = """Reviewed in CL 551181045
Opens files from file descriptors obtained from potentially untrusted sources.
This may be okay depending on your use case, and is a common pattern for IPC, but should be included in your project with care since opening the wrong mmaped fd may cause UB.
"""

[[audits.font-types]]
who = "Augie Fackler "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.5.0"
notes = "Reviewed in CL 617547813"

[[audits.gix]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "0.55.2"
notes = """Reviewed in CL 581562516
Issues found:
- Unsafe transmute of lifetime (https://github.com/Byron/gitoxide/pull/1154)
- Interrupt handler function should be unsafe
"""

[[audits.gix-commitgraph]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.22.0"
notes = "Reviewed in CL 581562496"

[[audits.gix-config-value]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.14.0"
notes = "Reviewed in CL 581042137"

[[audits.gix-features]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.36.0"
notes = """Reviewed in CL 580908504
Issues:
- Illegal mutable aliasing (https://github.com/Byron/gitoxide/pull/1115)
"""

[[audits.gix-hash]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.13.1"
notes = "Reviewed in CL 580781568"

[[audits.gix-index]]
who = "Ben Saunders "
criteria = ["ub-risk-2-thorough", "does-not-implement-crypto"]
version = "0.26.0"
notes = """Reviewed in CL 581562538
Relies on mmap'd file being untouched externally.
"""

[[audits.gix-pack]]
who = "Taylor Cramer "
criteria = ["ub-risk-4"]
version = "0.44.0"
notes = """Reviewed in CL 581562540
Issues:
- https://github.com/Byron/gitoxide/pull/113
- https://github.com/Byron/gitoxide/pull/1115
- https://github.com/Byron/gitoxide/pull/1116
"""

[[audits.gix-pack]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
delta = "0.44.0 -> 0.45.0"
notes = """Reviewed in CL 594331347
Issues found:
- https://github.com/Byron/gitoxide/pull/1230
- https://github.com/Byron/gitoxide/issues/1231
(previously found issues have been fixed)
"""

[[audits.gix-ref]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2-thorough"]
version = "0.38.0"
notes = "Reviewed in CL 581562488"

[[audits.gix-revision]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.23.0"
notes = "Reviewed in CL 581562502"

[[audits.gix-revision]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
delta = "0.23.0 -> 0.24.0"
notes = "Reviewed in CL 594331337"

[[audits.gix-sec]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.10.0"
notes = "Reviewed in CL 581046394"

[[audits.gix-tempfile]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "11.0.0"
notes = "Reviewed in CL 581562529"

[[audits.half]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "1.8.2"
notes = """Reviewed in CL 590192561
Issues found:
- The `set_len`s in slice.rs and vec.rs are premature and create uninitialized vectors
- (internal safety) f16x4_to_f32x4 and f16x4_to_f32x4_x86_f16c do not enforce i.len() > 4.
Should be marked unsafe
(no issues filed, all of the issues appear to be fixed on GitHub main)
"""

[[audits.half]]
who = "Ben Saunders "
criteria = ["ub-risk-1"]
version = "1.8.3"
notes = "Reviewed in CL 590192561"

[[audits.half]]
who = "Ben Saunders "
criteria = ["ub-risk-1"]
version = "2.4.0"
notes = "Reviewed in CL 610738461"

[[audits.home]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.5.4"
notes = "Reviewed in CL 559796554"

[[audits.home]]
who = "Augie Fackler "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
delta = "0.5.4 -> 0.5.5"
notes = "Reviewed in CL 566644164"

[[audits.hoot]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.1.3"
notes = """Reviewed in CL 607320079
Issues found:
- https://github.com/algesten/hoot/issues/2 (fixed in https://github.com/algesten/hoot/pull/3)
"""

[[audits.hoot]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.1.4"
notes = "Reviewed in CL 607320079"

[[audits.hound]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "3.5.0"
notes = """Reviewed in CL 564508706
Issues found:
- https://github.com/ruuda/hound/pull/58
"""

[[audits.html-escape]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.2.13"
notes = """Reviewed in CL 612354454
Issues found:
- decode_impl macro should have "unsafe" in its name and document the safety at callsites
- write_hex_to_vec: The Vec::set_len is UB and should only be called after filling the buffer.
"""

[[audits.http]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "1.49.0"
notes = "Reviewed in CL 588379811"

[[audits.hyper]]
who = [ "Manish Goregaokar ", "Augie Fackler " ]
criteria = ["ub-risk-4"]
version = "1.0.1"
notes = """Reviewed in CL 588384310
Issues found:
- https://github.com/hyperium/hyper/pull/3498
- https://github.com/hyperium/hyper/issues/3556
- https://github.com/hyperium/hyper/issues/3500 (probably not a real issue)
- https://github.com/hyperium/hyper/issues/3554 (documentation)
"""

[[audits.hyper-util]]
who = "Ben Saunders "
criteria = ["ub-risk-2"]
version = "0.1.3"
notes = "Reviewed in CL 605631967"

[[audits.image]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.24.6"
notes = "Reviewed in CL 559198279"

[[audits.imara-diff]]
who = "Taylor Cramer "
criteria = ["ub-risk-4"]
version = "0.1.5"
notes = "Reviewed in CL 581562578"

[[audits.inotify]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.9.6"
notes = "Reviewed in CL 562731461"

[[audits.insta]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "1.29.0"
notes = "Reviewed in CL 554440331"

[[audits.itertools]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.11.0"
notes = "Reviewed in CL 566337310"

[[audits.jiter]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.0.6"
notes = "Reviewed in CL 615051835"

# NOTE(review): `jj_cli` and `jj-cli` (further down) both carry an audit for 0.8.0
# with different ratings (ub-risk-1 vs ub-risk-2). Confirm which key is the real
# package name and which rating stands.
[[audits.jj_cli]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.11.0"
notes = "Reviewed in CL 586453800"

[[audits.jj_cli]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "0.8.0"
notes = "Reviewed in CL 558944141"

[[audits.jj_lib]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.11.0"
notes = "Reviewed in CL 586453800"

[[audits.jj-cli]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.8.0"
notes = "Reviewed in CL 554583176"

# NOTE(review): two entries for 0.14.0 with identical criteria and different CLs;
# confirm whether one of them was meant for another version.
[[audits.kvm-ioctls]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.14.0"
notes = "Reviewed in CL 549307303"

[[audits.kvm-ioctls]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.14.0"
notes = "Reviewed in CL 565655079"

# The notes record that review of the unchecked indexing was not completed, so
# this ub-risk-4 rating reflects a partial review.
[[audits.lexical]]
who = "Taylor Cramer "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "6.1.1"
notes = """Reviewed in CL 545304248
Many issues found across the `lexical` family of crates:
- https://github.com/Alexhuszagh/rust-lexical/pull/103
- https://github.com/Alexhuszagh/rust-lexical/issues/104
- https://github.com/Alexhuszagh/rust-lexical/issues/101
- https://github.com/Alexhuszagh/rust-lexical/issues/95
- Beyond the above issues, review was not completed on the unchecked indexing
"""

# NOTE(review): `lexical_parse_integer` 0.8.6 is recorded twice with different
# CLs; presumably one entry belongs to a sibling `lexical` crate. Verify.
[[audits.lexical_parse_integer]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.8.6"
notes = """Reviewed in CL 545304272
See notes on lexical crate.
"""

[[audits.lexical_parse_integer]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.8.6"
notes = """Reviewed in CL 545304281
See notes on lexical crate.
"""

[[audits.lexical_util]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.8.5"
notes = """Reviewed in CL 545304267
See notes on lexical crate.
"""

[[audits.lexical_write_float]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.8.5"
notes = """Reviewed in CL 545304258
See notes on lexical crate.
"""

[[audits.lexical-core]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.8.5"
notes = """Reviewed in CL 545304290
See notes on lexical crate.
"""

[[audits.lexical-write-integer]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.8.5"
notes = """Reviewed in CL 545304293
See notes on lexical crate.
"""

# NOTE(review): delta-only entry; no full audit for libc is visible among these
# entries. Confirm the 0.2.150 base is covered elsewhere.
[[audits.libc]]
who = "Ben Saunders "
criteria = ["ub-risk-4"]
delta = "0.2.150 -> 0.2.153"
notes = "Reviewed in CL 622219230"

# NOTE(review): the key is `libfuzz-sys`, while the next entry is `libfuzzer-sys`
# and the issue links point at rust-fuzz/libfuzzer; this looks like a typo in the
# key. The entry is also delta-only, with no 0.4.4 base visible here.
[[audits.libfuzz-sys]]
who = "Taylor Cramer "
criteria = ["ub-risk-3"]
delta = "0.4.4 -> 0.4.5"
notes = """Reviewed in CL 562889777
Issues found:
- https://github.com/rust-fuzz/libfuzzer/issues/112
- https://github.com/rust-fuzz/libfuzzer/issues/113
"""

[[audits.libfuzzer-sys]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.4.7"
notes = "Reviewed in CL 564731033"

[[audits.libloading]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.8.0"
notes = "Reviewed in CL 562765830"

[[audits.libshpool]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.3.3"
notes = "Reviewed in CL 580903771"

[[audits.libshpool]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.5.0"
notes = "Reviewed in CL 609436265"

[[audits.line-index]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.1.0"
notes = "Reviewed in CL 562882288"

[[audits.line-index]]
who = "Ben Saunders "
criteria = ["ub-risk-2"]
version = "0.1.1"
notes = "Reviewed in CL 599482318"

[[audits.linux-loader]]
who = "Taylor Cramer "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.9.0"
notes = "Reviewed in CL 548095317"

[[audits.linux-loader]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
delta = "0.9.0 -> 0.10.0"
notes = "Reviewed in CL 600836074"

[[audits.linux-raw-sys]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.4.10"
notes = "Reviewed in CL 581059097"

# NOTE(review): delta-only entry; no audit covering lock_api 0.4.9 is visible
# among these entries. Confirm the base is covered elsewhere.
[[audits.lock_api]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
delta = "0.4.9 -> 0.4.10"
notes = "Reviewed in CL 563851550"

[[audits.log]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.4.20"
notes = "Reviewed in CL 563853923"

[[audits.malloced]]
who = "Ben Saunders "
criteria = ["ub-risk-2"]
version = "1.3.1"
notes = "Reviewed in CL 604812730"
# Audit entries, one [[audits.<crate>]] table per reviewed version or delta.
# `criteria` names refer to the [criteria.*] tables at the top of this file, where
# ub-risk-0 is "No unsafe code" and ub-risk-4 is "Extreme unsoundness". An entry
# with no crypto criterion makes no statement about cryptographic correctness.
# NOTE(review): `who` values end in a trailing space on this page; presumably an
# `<email>` part was lost in extraction. Restore from the upstream file before
# relying on reviewer identity.
# NOTE(review): table keys mix `_` and `-` (e.g. `perf_event` next to
# `perf-event-open-sys`). Verify each key against the exact published package
# name; a key that does not match would presumably not be applied to the crate.

# The reviewer asks for a second review, so treat this rating as provisional.
[[audits.memchr]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "2.6.3"
notes = """Reviewed in CL 563868651
Second review would be appreciated.
"""

[[audits.memoffset]]
who = "Taylor Cramer "
criteria = ["ub-risk-3"]
version = "0.9.0"
notes = "Reviewed in CL 555491937"

[[audits.minifier]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "0.2.3"
notes = """Reviewed in CL 577203072
Issues found:
- https://github.com/GuillaumeGomez/minifier-rs/issues/105
"""

[[audits.nanorand]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.7.0"
notes = "Reviewed in CL 562503105"

# NOTE(review): this delta starts at 0.26.1, while the full audit below is for
# 0.26.2; no entry connecting the two is visible here. Confirm the base version.
[[audits.nix]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
delta = "0.26.1 -> 0.28.0"
notes = """Reviewed in CL 622222105
(The rating differs from the previous once since I feel that the crate needs much more safety comments)
"""

[[audits.nix]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.26.2"
notes = "Reviewed in CL 552861153"

[[audits.notify]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "6.1.1"
notes = "Reviewed in CL 562731464"

[[audits.nu_ansi_term]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.49.0"
notes = "Reviewed in CL 585090965"

[[audits.num_traits]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.2.15"
notes = "Reviewed in CL 558869499"

[[audits.num_traits]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
delta = "0.2.15 -> 0.2.16"
notes = "Reviewed in CL 562140156"

[[audits.num-bigint-dig]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.8.4"
notes = """Reviewed in CL 598457101
Issues found:
- to_str_radix_reversed is required to return a valid string by unsafe code, but this is not documented, nor is it easy to verify.
It should probably return a String (at least internally), and have better safety documentation, or a double check when converting from UTF8
"""

[[audits.object]]
who = "Manish Goregaokar "
criteria = ["ub-risk-1"]
version = "0.32.0"
notes = "Reviewed in CL 558738698"

[[audits.perf_event]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.4.8"
notes = "Reviewed in CL 583996666"

[[audits.perf-event-open-sys]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "4.0.0"
notes = "Reviewed in CL 583996664"

[[audits.petgraph]]
who = "Taylor Cramer "
criteria = ["ub-risk-3"]
version = "0.5.1"
notes = """Reviewed in CL 558142733
Issues found:
- https://github.com/petgraph/petgraph/pull/404
- https://github.com/petgraph/petgraph/issues/582
"""

[[audits.pollster]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.3.0"
notes = """Reviewed in CL 581562576
Usage of unsafe is fine, but crate can be 100% safe: https://github.com/zesterer/pollster/pull/23
"""

[[audits.powerfmt]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "0.2.0"
notes = "Reviewed in CL 578897702"

# The rating carries a feature/platform condition that exists only in the notes:
# `hardware_rng` on a platform without RDRAND is called out as not safe.
[[audits.proptest]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.10.1"
notes = """Reviewed in CL 615011355
Not safe with hardware_rng feature on platforms without RDRAND support.
Should bubble up the invariant or have a feature test assertion
"""

[[audits.pulldown-cmark]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.9.3"
notes = "Reviewed in CL 555491415"

[[audits.pyo3_macros]]
who = "Taylor Cramer "
criteria = ["ub-risk-0"]
version = "0.20.3"
notes = "Reviewed in CL 616043931"

[[audits.rand_xorshift]]
who = "Augie Fackler "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.2.0"
notes = "Reviewed in CL 615005895"

[[audits.read-fonts]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "0.15.6"
notes = "Reviewed in CL 611302616"

[[audits.realfft]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "3.3.0"
notes = "Reviewed in CL 564478712"

[[audits.ref-cast]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "1.0.20"
notes = "Reviewed in CL 585449372"

[[audits.ref-cast-impl]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "1.0.20"
notes = "Reviewed in CL 585449373"

[[audits.regex_automata]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "0.3.8"
notes = "Reviewed in CL 563876644"

[[audits.rubato]]
who = "Taylor Cramer "
criteria = ["ub-risk-3"]
version = "0.14.1"
notes = "Reviewed in CL 570228314"

[[audits.ruzstd]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.4.0"
notes = """Reviewed in CL 557876502
Issues found:
- https://github.com/KillingSpark/zstd-rs/issues/44
- extend_from_within_unchecked_branchless is hard to review but it's currently dead code
"""

[[audits.ruzstd]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.6.0"
notes = "Reviewed in CL 615772489"

[[audits.ryu-js]]
who = "Ben Saunders "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.2.2"
notes = """Reviewed in CL 589126213
Issues found:
- Internal unsoundness around the invariants of q and i in f2s_intrinsics.rs
- Unclear bounds checking around get_unchecked in s2d.rs
"""

[[audits.seccompiler]]
who = "Ben Saunders "
criteria = ["ub-risk-1", "does-not-implement-crypto"]
version = "0.3.0"
notes = "Reviewed in CL 547754248"

[[audits.serde_jcs]]
who = "Augie Fackler "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.1.0"
notes = "Reviewed in CL 590122717"

# Only ub-risk-2 is recorded: neither `crypto-safe` nor
# `does-not-implement-crypto` is certified for this crate.
[[audits.sha1_smol]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "1.0.0"
notes = "Reviewed in CL 581562531"

[[audits.shlex]]
who = [ "Manish Goregaokar ", "Augie Fackler " ]
criteria = ["ub-risk-3"]
version = "1.3.0"
notes = """Reviewed in CL 600742555
This crate appears safe, but it's not clear that the unchecked utf8 stuff is necessary given the use case, and it relies on undocumented invariants from the bytes iterator code.
Would be nice to have these properties documented and fuzz tested.
"""

# Three versions share one CL below; the rating moves from ub-risk-4 (0.1.0,
# 0.2.1) to ub-risk-2-thorough (0.3.0), so the version pinned matters.
[[audits.shpool_pty]]
who = "Ben Saunders "
criteria = ["ub-risk-4"]
version = "0.1.0"
notes = """Reviewed in CL 578198476
Issues:
- Data race in Fork::new
"""

[[audits.shpool_pty]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.2.1"
notes = "Reviewed in CL 578198476"

[[audits.shpool_pty]]
who = "Ben Saunders "
criteria = ["ub-risk-2-thorough", "does-not-implement-crypto"]
version = "0.3.0"
notes = "Reviewed in CL 578198476"

[[audits.skrifa]]
who = "Augie Fackler "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.16.0"
notes = "Reviewed in CL 614825012"

[[audits.smallvec]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "1.11.0"
notes = "Reviewed in CL 552492992"

[[audits.smol_str]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.2.0"
notes = "Reviewed in CL 558187227"

[[audits.speedate]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.13.0"
notes = """Reviewed in CL 614967252
Would be rather straightforward to add safety comments
"""

[[audits.swc_atoms]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.5.7"
notes = "Reviewed in CL 547104864"
[[audits.swc_common]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.31.17"
notes = """Reviewed in CL 547720673
Issues found:
- https://github.com/swc-project/swc/issues/7709
"""

# An entry that lists only a ub-risk-* criterion records nothing about
# cryptography: neither `crypto-safe` nor `does-not-implement-crypto` is
# certified by it.
[[audits.swc_ecma_ast]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.107.0"
notes = "Reviewed in CL 545304253"

# ub-risk-4 is described in this file's criteria tables as "Extreme
# unsoundness" and implies no other criterion, so it does not satisfy a
# policy that requires ub-risk-3 or better.
[[audits.swc_ecma_parser]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "0.137.1"
notes = """Reviewed in CL 545304254
Issues found:
- https://github.com/swc-project/swc/issues/7797
- https://github.com/swc-project/swc/issues/7752
"""

[[audits.swc_visit]]
who = "Taylor Cramer "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.5.7"
notes = "Reviewed in CL 546872016"

[[audits.syn]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "2.0.29"
notes = "Reviewed in CL 559769881"

[[audits.sync_wrapper]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "0.1.2"
notes = "Reviewed in CL 605332043"

[[audits.tar]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.4.0"
notes = "Reviewed in CL 627536088"

# tfhe is a homomorphic-encryption library; this entry covers memory
# safety (ub-risk-3) only. No crypto criterion is recorded, so it is not
# an expert review of the algorithms.
[[audits.tfhe]]
who = "Taylor Cramer "
criteria = ["ub-risk-3"]
version = "0.3.1"
notes = """Reviewed in CL 557823618
Issues found:
- https://github.com/zama-ai/tfhe-rs/issues/526
"""

[[audits.time-macros]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.2.15"
notes = "Reviewed in CL 580962188"

[[audits.toml_edit]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "0.22.12"
notes = """Reviewed in CL 628398549
Issues found:
- Better documented safety: https://github.com/toml-rs/toml/pull/720
- Unclear on mll_quotes and mlb_quotes being safe
"""

[[audits.tracing]]
who = "Taylor Cramer "
criteria = ["ub-risk-4"]
version = "0.1.39"
notes = """Reviewed in CL 573852894
Issues found:
- https://github.com/tokio-rs/tracing/pull/2765
"""

[[audits.tracing-core]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.1.30"
notes = "Reviewed in CL 555490997"

# Delta audit: covers only the changes from 0.1.30 to 0.1.32 and builds on
# the full 0.1.30 audit above. It lists ub-risk-2 alone, so
# `does-not-implement-crypto` is not carried forward to 0.1.32 by this chain.
[[audits.tracing-core]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
delta = "0.1.30 -> 0.1.32"
notes = "Reviewed in CL 573852436"

[[audits.tracing-log]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.2.0"
notes = "Reviewed in CL 585090968"

[[audits.transpose]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.2.2"
notes = "Reviewed in CL 551680548"

[[audits.triomphe]]
who = "Taylor Cramer "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.1.8"
notes = """Reviewed in CL 545304280
Issues found:
- https://github.com/Manishearth/triomphe/pull/62
"""

[[audits.triomphe]]
who = "Taylor Cramer "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.1.9"
notes = "Reviewed in CL 545304280"

[[audits.typed-arena]]
who = "Taylor Cramer "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "2.0.2"
notes = "Reviewed in CL 545304268"

[[audits.uds]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "0.2.6"
notes = """Reviewed in CL 552861165
Issues found:
- https://github.com/tormol/uds/issues/11
- https://github.com/tormol/uds/pull/9, https://github.com/tormol/uds/pull/10
- https://github.com/tormol/uds/issues/12
"""

# NOTE(review): the third `who` entry is an empty string in this copy;
# confirm the reviewer identity against the upstream file.
[[audits.uds]]
who = [
    "Manish Goregaokar ",
    "Augie Fackler ",
    "",
]
criteria = ["ub-risk-4"]
version = "0.4.1"
notes = """Reviewed in CL 568546769
Issues found:
- https://github.com/tormol/uds/pull/14
- https://github.com/tormol/uds/pull/15
- https://github.com/tormol/uds/issues/16
- https://github.com/tormol/uds/issues/17
"""

[[audits.ufmt]]
who = "Taylor Cramer "
criteria = ["ub-risk-3"]
version = "0.2.0"
notes = "Reviewed in CL 587894431"

[[audits.ufmt-write]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.1.0"
notes = """Reviewed in CL 587772035
Issues found:
- https://github.com/japaric/ufmt/pull/60
"""

[[audits.unicode-bom]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "2.0.2"
notes = "Reviewed in CL 581562581"

[[audits.unicode-reverse]]
who = "Ben Saunders "
criteria = ["ub-risk-1"]
version = "1.0.8"
notes = "Reviewed in CL 622744657"

[[audits.utf8parse]]
who = "Augie Fackler "
criteria = ["ub-risk-3"]
version = "0.2.1"
notes = "Reviewed in CL 559131770"

[[audits.vfio-bindings]]
who = "Taylor Cramer "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.3.1"
notes = "Reviewed in CL 545971960"

[[audits.vfio-ioctls]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.1.0"
notes = "Reviewed in CL 545971961"

[[audits.vhost]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.7.0"
notes = "Reviewed in CL 546255068"

[[audits.vhost]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "0.8.0"
notes = """Reviewed in CL 559359624
Issues found:
- https://github.com/rust-vmm/vhost/pull/184
"""

[[audits.vhost]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.8.1"
notes = "Reviewed in CL 559359624"

[[audits.vhost-user-backend]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.10.1"
notes = "Reviewed in CL 559122379"

[[audits.virtio]]
who = "Taylor Cramer "
criteria = ["ub-risk-1"]
version = "0.2.1"
notes = "Reviewed in CL 557159752"

[[audits.virtiofsd]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3", "does-not-implement-crypto"]
version = "1.6.1"
notes = """Reviewed in CL 548811972
Issues found:
- https://gitlab.com/virtio-fs/virtiofsd/-/issues/113 (only an issue for library users)
"""

[[audits.vm-memory]]
who = "Manish Goregaokar "
criteria = ["ub-risk-3"]
version = "0.12.1"
notes = """Reviewed in CL 556862067
Issues found:
- https://github.com/rust-vmm/vm-memory/issues/250
"""

# NOTE(review): same version and CL as the entry above, but a stronger
# criterion. As written, 0.12.1 is certified ub-risk-2 even though the
# entry above records an issue against it. Confirm whether this entry was
# meant for the release that contains the fix.
[[audits.vm-memory]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.12.1"
notes = """Reviewed in CL 556862067
Issues from previous review fixed
"""

[[audits.vm-memory]]
who = "Ben Saunders "
criteria = ["ub-risk-4", "does-not-implement-crypto"]
version = "0.13.1"
notes = """Reviewed in CL 595684339
Issues found:
- https://github.com/rust-vmm/vm-memory/issues/281
"""

[[audits.vmm_sys_util]]
who = "Ben Saunders "
criteria = ["ub-risk-2", "does-not-implement-crypto"]
version = "0.12.1"
notes = "Reviewed in CL 599627630"

[[audits.vte]]
who = "Manish Goregaokar "
criteria = ["ub-risk-4"]
version = "0.12.0"
notes = """Reviewed in CL 579243289
Issues found:
- https://github.com/alacritty/vte/pull/102
"""

[[audits.winnow]]
who = "Taylor Cramer "
criteria = ["ub-risk-2"]
version = "0.5.19"
notes = "Reviewed in CL 581220347"

[[audits.xxhash-rust]]
who = "Taylor Cramer "
criteria = ["ub-risk-4"]
version = "0.8.6"
notes = """Reviewed in CL 552861145
Many internal functions that are `unsafe` to call are not marked `unsafe`.
See https://github.com/DoumanAsh/xxhash-rust/issues/29
"""

[[audits.zerocopy]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.6.1"
notes = "Reviewed in CL 592374439"

# Unlike the other entries, this one cites a public pull request rather
# than a CL number as the review record.
[[audits.zerotrie]]
who = "Manish Goregaokar "
criteria = ["ub-risk-2"]
version = "0.1.2"
notes = "Reviewed in https://github.com/unicode-org/icu4x/pull/2722/"