安全地从struct sockaddr转换为struct sockaddr_storage

Question

I have a function which takes in "struct sockaddr *" as a parameter (let's call this input_address), and then I need to operate on that address, which may be a sockaddr_in or sockaddr_in6, since I support both IPv4 and IPv6.

I'm getting some memory corruption and trying to track it down to it's source, and in the process found some code that seems suspect, so I would like to validate if this is the right way to do things.

struct sockaddr_storage *input_address_storage = (struct sockaddr_storage *) input_address;
struct sockaddr_storage result = [UtilityClass performSomeOperation: *input_address_storage];

At first I thought the cast in the first line was safe, but then in the second line I need to dereference that pointer, which seems like it may be wrong. The reason I am concerned is that it may end up copying memory that is beyond where the original structure is (since sockaddr_in is shorter than sockaddr_in6). I am not sure if this could cause a memory corruption (my guess is no), but nevertheless this code gives me a bad feeling.

I can't change the fact my function takes a "struct sockaddr *", so it seems like it would be difficult to work around this type of code, and yet I want to avoid copying from a memory location where I shouldn't be.

If anyone can validate whether what I am doing is wrong, and the best way to fix this, I'd appreciate it.

EDIT: An admin had changed my C tag for C# for some reason. The code I gave is primarily C, with one function call from objective C that doesn't really matter. That call could have been C.

Answer 1

The problem with your approach is that you are converting an existing struct sockaddr* into a struct sockaddr_storage* . Imagine what happens if the original was a ``struct sockaddr_in . Since . Since sizeof(struct sockaddr_in) < sizeof(struct sockaddr_storage)`, the memory-sanitizer complains of unbound memory reference.

struct sockaddr_storage is essentially a container to contain either your struct sockaddr_in or struct sockaddr_in6 .

Hence, it is useful when you want to pass in a struct sockaddr* object but want to allocate enough memory for both sockaddr_in and sockaddr_in6 .

A good example is the recvfrom(3) call:

ssize_t recvfrom(int socket, void *restrict buffer, size_t length,
                 int flags, struct sockaddr *restrict address,
                 socklen_t *restrict address_len);

Since address requires a struct sockaddr* object, we will construct a struct sockaddr_storage first, and pass it in:

struct sockaddr_storage address;
socklen_t address_length = sizeof(struct sockaddr_storage);
ssize_t ret = recvfrom(fd, buffer, buffer_length, 0, (struct sockaddr*)&address, &address_length);

if (address.ss_family == AF_INET) {
  DoIpv4Work((struct sockaddr_in*)&address, ...);
} else if (address.ss_family == AF_INET6) {
  DoIpv6Work((struct sockaddr_in6*)&address, ...);
}

The difference in your approach and mine is that I allocate a struct sockaddr_storage and then use it as struct sockaddr , but you do the REVERSE , and use a struct sockaddr and then use it as struct sockaddr_storage .