torsock's getpeername() implementation is broken.
This is incredibly wrong and breaks well written applications:
/*
* Extra check for addrlen since we are about to copy the connection
* content into the given address.
*/
if (*addrlen > sizeof(struct sockaddr)) {
/* Ref to the manpage for the returned value here. */
errno = EINVAL;
ret = -1;
goto end;
}
http://pubs.opengroup.org/onlinepubs/9699919799/functions/getpeername.html
The address_len argument points to a socklen_t object which on input specifies the length of the supplied sockaddr structure, and on output specifies the length of the stored address. If the actual length of the address is greater than the length of the supplied sockaddr structure, the stored address shall be truncated.
This does not mean "reject address_len
that's larger than sizeof(struct sockaddr)
", and it is common to pass in a sockaddr_in6
or sockaddr_storage
both which are larger than sockaddr
.