Incorrect reallocation logic in the function vec_insert_bytes
causes a use-after-free.
This function does not have to be called directly to trigger the vulnerability because many methods on EncodingWriter
call this function internally.
The mail-* suite is unmaintained and the upstream sources have been actively vandalised.
A fixed mail-internals-ng
(and mail-headers-ng
and mail-core-ng
) crate has been published which fixes this, and a dependency on another unsound crate.
{ "license": "CC0-1.0" }