Cryptographically verifiable, distributed dependency reviews
Add the last reviewed version to Cargo.toml / [dependencies]:
rdrand = "0.6.0"
Please, use mobile in landscape.
Filter reviews clicking on the numbers in the summary.
Full column names in tooltip hints: rating Negative, rating Neutral, rating Positive, rating Strong, thoroughness, understanding, reviews count.
$gen::try_fill_bytes invokes undefined behavior (overlapping &mut u32 and &mut [u8]): https://github.com/nagisa/rust_rdrand/issues/13. 0.5.x removed some use of uninitialized.
Reviewed:
benches\rdrand.rs: +1
benches\rdseed.rs: +1
benches\std.rs: +1
src\changelog.rs: +1
src\lib.rs: Concerns:
mem::uninitialized() u32s
is_x86_feature_detected: I have not verified this is correct.
loop_rand! uses mem::uninitialized() for $el:ty, easy to misuse! Requires unsafe{} so technically sound. Not exported.
$gen::try_fill_bytes: UNSOUND! word and buffer reference the same data. As both are &mut Ts, this is 100% undefined behavior.
unsafe blocks appear much larger than they need to be.
ptr::copy_nonoverlapping: This should really use a slice copy which should be just as safe...? But maybe missing from core?
© bestia.dev 2023, MIT License, Version: 2023.608.1636
Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/
$gen::try_fill_bytes invokes undefined behavior (overlapping &mut u32 and &mut [u8]).
Reviewed:
benches\rdrand.rs: +1
benches\rdseed.rs: +1
benches\std.rs: +1
src\changelog.rs: +1
src\lib.rs: Concerns:
mem::uninitialized() u32s
is_x86_feature_detected: I have not verified this is correct.
loop_rand! uses mem::uninitialized() for $el:ty, easy to misuse! Requires unsafe{} so technically sound. Not exported.
$gen::try_fill_bytes: UNSOUND! word and buffer reference the same data. As both are &mut Ts, this is 100% undefined behavior.
unsafe blocks appear much larger than they need to be.
ptr::copy_nonoverlapping: This should really use a slice copy which should be just as safe...? But maybe missing from core?