Undefined behavior: CMSG_DATA and CMSG_NXTHDR may return null

[Manishearth]

uds/src/ancillary.rs

Line 128 in d8cefa3

*(CMSG_DATA(header) as *mut c_void as *mut _) = creds;

uds/src/ancillary.rs

Line 137 in d8cefa3

let dst = CMSG_DATA(header) as *mut c_void;

uds/src/ancillary.rs

Line 333 in d8cefa3

let first_fd = CMSG_DATA(self.next_message) as *const c_void;

uds/src/ancillary.rs

Line 358 in d8cefa3

let creds_ptr = CMSG_DATA(self.next_message) as *const c_void;

uds/src/ancillary.rs

Line 129 in d8cefa3

header = &mut*CMSG_NXTHDR(&mut msg, header);

The docs say that these functions may return null, but they're not null-checked in the locations above (the usage of CMSG_NXTHDR for initializing next_message is, however). The code is dereferencing the results here and dereferencing a null pointer is UB: it should null-check these.

[tormol]

As far as I understand they'll only return null if there's not enough space.
The code tries to calculate and allocate the required space, so it should never happen.

But assertions have been added in #8, and has now been released in 0.2.7 and 0.3.0.
And there was a bug in the space calculation, which is also fixed in those versions.

[Manishearth]

Hmm, okay, makes sense. Thanks!