Skip to content

SocketAncillary doesn't ensure the control buffer is aligned at least as much as cmsghdr #139861

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
bjorn3 opened this issue Apr 15, 2025 · 1 comment
Open

SocketAncillary doesn't ensure the control buffer is aligned at least as much as cmsghdr #139861

bjorn3 opened this issue Apr 15, 2025 · 1 comment
Labels
C-bug Category: This is a bug. needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. O-unix Operating system: Unix-like requires-nightly This issue requires a nightly compiler in some way. T-libs Relevant to the library team, which will review and decide on the PR/issue.

Comments

@bjorn3
Copy link
Member

bjorn3 commented Apr 15, 2025

SocketAncillary accepts an arbitrary slice as input even if the slice is not correctly aligned to cmsghdr. This is unsound.
@bjorn3 bjorn3 added C-bug Category: This is a bug. O-unix Operating system: Unix-like requires-nightly This issue requires a nightly compiler in some way. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Apr 15, 2025
@rustbot rustbot added the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Apr 15, 2025
@zopsicle
Copy link
Contributor

Approaches to solve this were discussed in the tracking issue: #76915

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C-bug Category: This is a bug. needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. O-unix Operating system: Unix-like requires-nightly This issue requires a nightly compiler in some way. T-libs Relevant to the library team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bjorn3 @rustbot @zopsicle