An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. After using an assignment operators such as NotNan::add_assign, NotNan::mul_assign, etc., it was possible for the resulting NotNan value to contain a NaN. This could cause undefined behavior in safe code, because the safe NotNan::cmp method contains internal unsafe code that assumes the value is never NaN. (It could also cause undefined behavior in third-party unsafe code that makes the same assumption, as well as logic errors in safe code.)
もっと詳しく