
Cloud Vulnerability DB
A community-led vulnerabilities database
The vulnerability (GHSA-wrw7-89jp-8q8g) affects the glib Rust crate from version 0.15.0 up to the fix in 0.20.0, and involves unsoundness in the Iterator and DoubleEndedIterator implementations for glib::VariantStrIter. The issue was discovered on March 30, 2024, and officially published on December 23, 2024. This moderate severity vulnerability stems from the VariantStrIter::impl_get function passing an immutable reference where the called C function requires a mutable out-argument (GitHub Advisory, RustSec Advisory).
The vulnerability centers on the VariantStrIter::impl_get function passing an immutable reference &p, where p is a *mut libc::c_char pointer initialized to NULL, as an out-argument to a C function that writes the child pointer through it in place. Writing through a shared reference violates Rust's aliasing invariants, and the violation becomes observable when the code is compiled with optimizations. The issue went undetected because the wrapped C function (glib_sys::g_variant_get_child) is variadic and the pointer was passed as one of the variadic arguments, where the compiler performs no type checking and therefore cannot reject a shared reference where a mutable one is required. The vulnerability has a CVSS v4 score of 6.9, indicating moderate severity (GitHub Advisory).
When compiled with optimizations (either in release mode or with opt-level of 2 or 3), recent Rust compiler versions are entitled to assume that nothing is written through a shared reference, so the C function's write through &p is disregarded and p is still treated as NULL. The subsequent std::ffi::CStr::from_ptr call on that NULL pointer violates the function's safety requirements and crashes with a NULL pointer dereference. All iterator methods that go through impl_get are affected, including next(), next_back(), nth(), nth_back(), and last() (RustSec Advisory).
The vulnerability has been patched in version 0.20.0 of the glib crate. The fix involves explicitly passing the out-argument pointer as &mut p instead of &p in the VariantStrIter::impl_get function. Users are advised to upgrade to version 0.20.0 or later to resolve this issue (GitHub Advisory, RustSec Advisory).
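To make the fixed pattern concrete, here is an added Rust example that is not code from the glib crate: WORDS, fake_get_child, impl_get and StrIter are constructed stand-ins for the C out-parameter call and the iterator, with the out-argument passed as &mut p the way the patch does, plus a NULL check before CStr::from_ptr so a failed lookup yields None instead of a crash.

```rust
use std::ffi::CStr;
use std::os::raw::c_char;
use std::ptr;
// Constructed stand-in for the C side (like g_variant_get_child): an out-param
// API that writes a string pointer through `out`. Hypothetical, not glib's code.
static WORDS: [&[u8]; 3] = [b"alpha\0", b"beta\0", b"gamma\0"];

unsafe extern "C" fn fake_get_child(index: usize, out: *mut *mut c_char) {
    if index < WORDS.len() {
        *out = WORDS[index].as_ptr() as *mut c_char;
    } // out of range: `*out` is left untouched (still NULL), like a failing C call
}

/// Mirrors the patched impl_get: the out-argument goes in as `&mut p`, so the
/// callee's write is visible to Rust's aliasing rules and survives optimization.
/// With a non-variadic signature `&p` would not even type-check; the variadic
/// g_variant_get_child accepted it silently, which is how the bug slipped in.
fn impl_get(index: usize) -> Option<&'static str> {
    let mut p: *mut c_char = ptr::null_mut();
    unsafe { fake_get_child(index, &mut p) };
    if p.is_null() {
        return None; // CStr::from_ptr(NULL) is UB; refuse rather than crash
    }
    unsafe { CStr::from_ptr(p) }.to_str().ok()
}

/// Double-ended iterator over the children, the shape VariantStrIter has;
/// next(), next_back(), nth(), nth_back() and last() all go through impl_get.
struct StrIter { front: usize, back: usize }

impl StrIter { fn new() -> Self { StrIter { front: 0, back: WORDS.len() } } }

impl Iterator for StrIter {
    type Item = &'static str;
    fn next(&mut self) -> Option<Self::Item> {
        if self.front >= self.back { return None; }
        let s = impl_get(self.front);
        self.front += 1;
        s
    }
}

impl DoubleEndedIterator for StrIter {
    fn next_back(&mut self) -> Option<Self::Item> {
        if self.front >= self.back { return None; }
        self.back -= 1;
        impl_get(self.back)
    }
}
```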
Source: This report was generated using AI