This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate rustfft

Dependencies

(5 total, 2 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 num-complex^0.20.4.5out of date
 num-integer^0.10.1.46up to date
 num-traits^0.20.2.18up to date
 strength_reduce^0.2.10.2.4up to date
 transpose ⚠️^0.10.2.3out of date

Dev dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 rand^0.50.8.5out of date

Security Vulnerabilities

transpose: Buffer overflow due to integer overflow in `transpose`

RUSTSEC-2023-0080

Given the function transpose::transpose:

fn transpose<T: Copy>(input: &[T], output: &mut [T], input_width: usize, input_height: usize)

The safety check input_width * input_height == output.len() can fail due to input_width * input_height overflowing in such a way that it equals output.len(). As a result of failing the safety check, memory past the end of output is written to. This only occurs in release mode since * panics on overflow in debug mode.

Exploiting this issue requires the caller to pass input_width and input_height arguments such that multiplying them overflows, and the overflown result equals the lengths of input and output slices.