From 4d7c66152cae22cc0cf0d992865d9e3ac99de038 Mon Sep 17 00:00:00 2001 From: Mac Date: Tue, 6 Jan 2026 16:19:12 +0800 Subject: [PATCH] add-rustsec-for-onig --- crates/onig/RUSTSEC-0000-0000.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 crates/onig/RUSTSEC-0000-0000.md diff --git a/crates/onig/RUSTSEC-0000-0000.md b/crates/onig/RUSTSEC-0000-0000.md new file mode 100644 index 0000000000..e5716ee3ce --- /dev/null +++ b/crates/onig/RUSTSEC-0000-0000.md @@ -0,0 +1,20 @@ +```toml +[advisory] +id = "RUSTSEC-0000-0000" +package = "onig" +date = "2025-10-18" +url = "https://github.com/rust-onig/rust-onig/issues/206" + +[versions] +patched = [] +``` + +# Pointer Offset Overflow in onig + +A pointer offset overflow vulnerability has been discovered in the Region::pos method of the rust-onig library. The method performs an unchecked conversion from usize to isize, which can lead to address calculation overflow in the subsequent ptr::offset operation. + +Crash Information: +Error Type: unsafe precondition(s) violated: ptr::offset requires the address calculation to not overflow +Location: region.rs in Region::pos +Root Cause: Conversion of usize values greater than isize::MAX to isize causes integer overflow +
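Review bot: The `[advisory]` table in the new `crates/onig/RUSTSEC-0000-0000.md` has no `categories` or `keywords`, and there is no `[affected.functions]` entry, although the description pins the problem to one method, `Region::pos`. Listing that method under `[affected.functions]` with its full path lets call-site-aware tooling narrow the finding. Without it, and with `patched = []`, every dependent of `onig` is flagged at every version, with no upgrade path. In the description, please state where the `usize` passed to the conversion comes from and whether safe code can supply a value above `isize::MAX`. As written, the text only shows the `ptr::offset` precondition message and does not say how a caller reaches it. The "Root Cause" line calls the conversion an "integer overflow" while the first paragraph says the overflow is in the later address calculation, so pick one description and use it in both places. The four "Crash Information" lines have no list markers or blank lines between them, so they will render as a single run-on paragraph in Markdown. Making them a bullet list, with the error message in backticks, would fix that.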