UB in SockaddrStorage::hash

[asomers]

SockaddrStorage::from_raw allows creating a variable that isn't fully initialized. But the SockaddrStorage::hash implementation assumes that if the ss_family field is of an unknown type, then the entire structure must be fully initialized. You could cause it to access uninitialized data by doing something like the following:

let sa = libc::sockaddr {
    sa_len: 8,
    sa_family: 255,  // Not a valid family
    .. unsafe{ mem::zeroed() }
};
let ss = unsafe{ SockaddrStorage::from_raw((&sa).as_ptr(), Some(sa.sa_len)).unwrap() };
let mut s = DefaultHasher::new();
ss.hash(&mut s);

Granted, this requires the use of unsafe. But we can and should still fix it by always validating sa_family in SockaddrStorage::from_raw.

[asomers]

Actually, this isn't a bug. When I wrote it up, I assumed that the sockaddr_storage would be not fully initialized. But actually, that was never true. It's always been zero-initialized in this case. See

nix/src/sys/socket/addr.rs

Line 1270 in c1147c6

let mut ss: libc::sockaddr_storage = unsafe { mem::zeroed() };