Undefined behavior: alloc() should be alloc_zeroed()

tormol / uds

A unix domain sockets Rust library

Apache License 2.0

21 stars 9 forks source link

Undefined behavior: alloc() should be alloc_zeroed() #11

Closed Manishearth closed 1 year ago

Manishearth commented 1 year ago

https://github.com/tormol/uds/blob/d8cefa3c6a9261c9844c336d5d49e639cdc4403c/src/ancillary.rs#L197

https://github.com/tormol/uds/blob/d8cefa3c6a9261c9844c336d5d49e639cdc4403c/src/ancillary.rs#L118

These bytes can be accessed by Rust code via the Deref impl or directly as a cmsghdr, but it is UB in Rust to read uninitialized memory. These should be alloc_zeroed()

tormol commented 1 year ago

This has been fixed in #8, and has now been released in 0.2.7 and 0.3.0.

Manishearth commented 1 year ago

thanks!