nix-rust · Jan561 · Dec 3, 2023 · asomers · Dec 3, 2023 · Jan561
diff --git a/changelog/2249.fixed.md b/changelog/2249.fixed.md
@@ -0,0 +1 @@
+Fixed `recvm(m)sg` not checking the address family field of the received address.
diff --git a/src/sys/socket/mod.rs b/src/sys/socket/mod.rs
@@ -1718,15 +1718,15 @@ where
 
         // as long as we are not reading past the index writen by recvmmsg - address
         // will be initialized
-        let address = unsafe { self.rmm.addresses[self.current_index].assume_init() };
+        let address = self.rmm.addresses[self.current_index];
 
         self.current_index += 1;
         Some(unsafe {
             read_mhdr(
                 mmsghdr.msg_hdr,
                 mmsghdr.msg_len as isize,
                 self.rmm.msg_controllen,
-                address,
+                &address,
             )
         })
     }
@@ -1778,7 +1778,7 @@ unsafe fn read_mhdr<'a, 'i, S>(
     mhdr: msghdr,
     r: isize,
     msg_controllen: usize,
-    mut address: S,
+    address: &mem::MaybeUninit<S>,
 ) -> RecvMsg<'a, 'i, S>
     where S: SockaddrLike
 {
@@ -1798,15 +1798,16 @@ unsafe fn read_mhdr<'a, 'i, S>(
         }
     };
 
-    // Ignore errors if this socket address has statically-known length
-    //
-    // This is to ensure that unix socket addresses have their length set appropriately.
-    let _ = unsafe { address.set_length(mhdr.msg_namelen as usize) };
+    let addr_len = mhdr.msg_namelen;
+
+    let address = unsafe {
+        S::from_raw(address.as_ptr().cast(), Some(addr_len))
 Ok((ret, T::from_raw(addr.assume_init().as_ptr(), Some(len)))) 
 Ok((ret, T::from_raw(addr.assume_init().as_ptr(), Some(len)))) 
+    };
 
     RecvMsg {
         bytes: r as usize,
         cmsghdr,
-        address: Some(address),
+        address,
         flags: MsgFlags::from_bits_truncate(mhdr.msg_flags),
         mhdr,
         iobufs: std::marker::PhantomData,
@@ -1936,7 +1937,7 @@ pub fn recvmsg<'a, 'outer, 'inner, S>(fd: RawFd, iov: &'outer mut [IoSliceMut<'i
 
     let r = Errno::result(ret)?;
 
-    Ok(unsafe { read_mhdr(mhdr, r, msg_controllen, address.assume_init()) })
+    Ok(unsafe { read_mhdr(mhdr, r, msg_controllen, &address) })
 }
 }
 
@@ -2112,7 +2113,7 @@ pub fn recvfrom<T: SockaddrLike>(
             &mut len as *mut socklen_t,
         ))? as usize;
 
-        Ok((ret, T::from_raw(addr.assume_init().as_ptr(), Some(len))))
+        Ok((ret, T::from_raw(addr.as_ptr().cast(), Some(len))))
     }
 }
 

diff --git a/test/sys/test_socket.rs b/test/sys/test_socket.rs
@@ -2915,3 +2915,87 @@ fn can_open_routing_socket() {
         socket(AddressFamily::Route, SockType::Raw, SockFlag::empty(), None)
             .expect("Failed to open routing socket");
 }
+
+#[test]
+fn test_recvmsg_wrong_addr_type() {
+    use std::io::{IoSlice, IoSliceMut};
+
+    use nix::sys::socket::*;
+
+    let send = socket(
+        AddressFamily::Inet,
+        SockType::Datagram,
+        SockFlag::empty(),
+        SockProtocol::Udp,
+    )
+    .unwrap();
+
+    let recv = socket(
+        AddressFamily::Inet,
+        SockType::Datagram,
+        SockFlag::empty(),
+        SockProtocol::Udp,
+    )
+    .unwrap();
+
+    let addr = "127.0.0.1:6803".parse::<SockaddrIn>().unwrap();
+
+    bind(recv.as_raw_fd(), &addr).unwrap();
+
+    sendmsg(
+        send.as_raw_fd(),
+        &[IoSlice::new(&[0x69; 42][..])],
+        &[],
+        MsgFlags::empty(),
+        Some(&addr),
+    )
+    .unwrap();
+
+    // To make apple happy
+    let mut buf = [0u8; 42];
+    let mut iov = [IoSliceMut::new(&mut buf)];
+
+    let r = recvmsg::<UnixAddr>(
+        recv.as_raw_fd(),
+        &mut iov,
+        None,
+        MsgFlags::empty(),
+    )
+    .unwrap();
+
+    assert!(r.address.is_none());
+}
+
+#[test]
+fn test_recvfrom_wrong_addr_type() {
+    use nix::sys::socket::*;
+
+    let send = socket(
+        AddressFamily::Inet,
+        SockType::Datagram,
+        SockFlag::empty(),
+        SockProtocol::Udp,
+    )
+    .unwrap();
+
+    let recv = socket(
+        AddressFamily::Inet,
+        SockType::Datagram,
+        SockFlag::empty(),
+        SockProtocol::Udp,
+    )
+    .unwrap();
+
+    let addr = "127.0.0.1:6804".parse::<SockaddrIn>().unwrap();
+
+    bind(recv.as_raw_fd(), &addr).unwrap();
+
+    sendto(send.as_raw_fd(), &[0x69; 42], &addr, MsgFlags::empty()).unwrap();
+
+    // To make apple happy
+    let mut buf = [0u8; 42];
+
+    let (_, addr) = recvfrom::<UnixAddr>(recv.as_raw_fd(), &mut buf).unwrap();
+
+    assert!(addr.is_none());
+}