You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
SockaddrStorage::from_raw allows creating a variable that isn't fully initialized. But the SockaddrStorage::hash implementation assumes that if the ss_family field is of an unknown type, then the entire structure must be fully initialized. You could cause it to access uninitialized data by doing something like the following:
let sa = libc::sockaddr{sa_len:8,sa_family:255,// Not a valid family
.. unsafe{ mem::zeroed()}};let ss = unsafe{SockaddrStorage::from_raw((&sa).as_ptr(),Some(sa.sa_len)).unwrap()};letmut s = DefaultHasher::new();
ss.hash(&mut s);
Granted, this requires the use of unsafe. But we can and should still fix it by always validating sa_family in SockaddrStorage::from_raw.
The text was updated successfully, but these errors were encountered:
Actually, this isn't a bug. When I wrote it up, I assumed that the sockaddr_storage would be not fully initialized. But actually, that was never true. It's always been zero-initialized in this case. See
SockaddrStorage::from_raw
allows creating a variable that isn't fully initialized. But theSockaddrStorage::hash
implementation assumes that if the ss_family field is of an unknown type, then the entire structure must be fully initialized. You could cause it to access uninitialized data by doing something like the following:Granted, this requires the use of
unsafe
. But we can and should still fix it by always validatingsa_family
inSockaddrStorage::from_raw
.The text was updated successfully, but these errors were encountered: