HistoryEditJSON (OSV)

RUSTSEC-2022-0052

os_socketaddr invalidly assumes the memory layout of std::net::SocketAddr

Reported
Issued
Package
os_socketaddr (crates.io)
Type
INFO Unsound
Categories
Keywords
#memory #layout #cast
Aliases
References
Patched
  • >=0.2.2

Description

The os_socketaddr crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation.

These layout were changed into idiomatic rust types in nightly std. Starting from rustc 1.64 the affected versions of this crate will have undefined behaviour.

Advisory available under CC0-1.0 license.