Subject: getpeername/getsockname addrlen parameter
To: None <>
From: Ignatios Souvatzis <>
List: tech-net
Date: 11/16/1999 12:56:40

dM points out (PR 6980), that our getpeername() uses int * as the parameter
addrlen, which is a potential security problem (depending on the copyout
implementation). getsockname does the same.

I did a quick check, and found:

- SUSV2 uses socklen_t *. Socklen_t is defined in sys/socket.h as an
  unsigned opaque integral type of length of at least 32 bits.

- some modern Unices (SunOS 5.6, Digital Unix 4) use size_t * instead.
- Historic Unices (Ultrix 4.3, SunOS 4) use int *.

I suggest to define and use socklen_t (typedef'd to size_t).


 * Progress (n.): The process through which Usenet has evolved from
   smart people in front of dumb terminals to dumb people in front of
   smart terminals.  -- (obscurity)