CVE-2021-26951

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::set_len is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get.

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::set_len is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get.

Affected versions of this crate arbitrarily calls `Vec::set_len` to increase length of a vector without claiming more memory for the vector. Affected versions of this crate also calls user-provided `Read` on the uninitialized memory of the vector that was extended with `Vec::set_len`. This can overwrite active entities in adjacent heap memory and seems to be a major security issue. Also, calling user-provided `Read` on uninitialized memory is defined as UB in Rust.

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::set_len is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get.

Se detectó un problema en la crate calamine versiones anteriores a 0.17.0 para Rust. Permite a atacantes sobrescribir las ubicaciones de la memoria de la pila porque la función Vec::set_len es usada sin el requerimiento de memoria apropiado, y esta memoria no inicializada se usa para una operación de Lectura proporcionada por el usuario, como es demostrado por la función Sectors::get