Zero-initialize sockaddr_storage in inet_parse()#10
Merged
troglobit merged 1 commit intotroglobit:masterfrom Mar 21, 2026
Merged
Conversation
inet_parse() only sets sin6_family, sin6_addr, and sin6_port, leaving sin6_scope_id and sin6_flowinfo uninitialized. When the caller's inet_addr_t is on the stack, these fields contain garbage which the kernel may interpret - e.g., a non-zero sin6_scope_id causes bind() to fail with ENODEV when the garbage value doesn't match any interface index. Zero the entire struct before populating it. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
dangowrt
force-pushed
the
zero-initialize-sockaddr_storage-in-inet_parse
branch
from
7f16b6b to
96de688
Compare
troglobit
approved these changes
Mar 21, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
inet_parse()only setssin6_family,sin6_addr, andsin6_port, leavingsin6_scope_idandsin6_flowinfouninitialized. When the caller'sinet_addr_tis on the stack, these fields contain garbage which the kernel may interpret — e.g., a non-zerosin6_scope_idcausesbind()to fail withENODEVwhen the garbage value doesn't match any interface index.Zero the entire struct before populating it.