Dependencies: [Security] Bump rustix from 0.36.5 to 0.36.17
Bumps rustix from 0.36.5 to 0.36.17. This update includes a security fix.
Vulnerabilities fixed
rustix's
rustix::fs::Dir
iterator with thelinux_raw
backend can cause memory explosionSummary
When using
rustix::fs::Dir
using thelinux_raw
backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue inrustix::fs::Dir::read_more
, this can cause quick and unbounded memory explosion (gigabytes in a few seconds if used on a hot path) and eventually lead to an OOM crash of the application.Details
Discovery
The symptoms were initially discovered in imsnif/bandwhich#284. That post has lots of details of our investigation. See this post and the Discord thread for details.
Diagnosis
This issue is caused by the combination of two independent bugs:
- Stuck iterator
- The
rustix::fs::Dir
iterator can fail to halt after encountering an IO error, causing the caller to be stuck in an infinite loop.
- Memory over-allocation
Dir::read_more
incorrectly grows the read buffer unconditionally each time it is called, regardless of necessity.Since
<Dir as Iterator>::next
callsDir::read
, which in turn callsDir::read_more
, this means an IO error encountered during reading a directory can lead to rapid and unbounded growth of memory use.
... (truncated)
Patched versions: 0.36.16 Affected versions: >= 0.36.0, < 0.36.16
Commits
-
76c998c
chore: Release rustix version 0.36.17 -
1c6013a
Fix p{read,write}v{,v2}'s encoding of the offset argument on Linux. (#896) (#... -
6534992
chore: Release rustix version 0.36.16 -
4928cf7
Disable riscv64 testing. -
8cc159c
Fix thetest_ttyname_ok
test when /dev/stdin is inaccessable. (#821) -
6dc7ba9
Downgrade dependencies and disable tests to compile under Rust 1.48. -
ded8986
Disable MIPS in CI. (#793) -
739f9c3
Fixes forDir
on macOS, FreeBSD, and WASI. -
87481a9
Merge pull request from GHSA-c827-hfw6-qwvm -
5b764b5
chore: Release rustix version 0.36.15 - Additional commits viewable in compare view