DeepSource
Dashboard Resources Pricing Discover Directory Log in

Run your first analysis.

Find thousands of code security and quality issues in your codebase, before they end up in production.

Start now
Rust

Rust

Made by DeepSource
Use Analyzer

Bind to all interfaces RS-S1006

Security
Major
 cwe-200 owasp top 10

Binding to all network interfaces can potentially open up a service to traffic on unintended interfaces.

Acccording to their specifications, the following addresses are "unspecified" addresses:

  • 0.0.0.0 in IPv4
  • 0:0:0:0:0:0 (or just ::) in IPv6

When you bind a socket to all interfaces using an "unspecified" address as the IP address, you essentially allow it to accept connections from any IP address provided, that can get to the socket via routing. Binding to all interfaces is therefore associated with security risks and is not recommended.

Bad practice

use std::net::TcpListener;

let listener = TcpListener::bind("0.0.0.0:80")?;

Recommended

use std::net::TcpListener;

let listener = TcpListener::bind("127.0.0.1:80")?;

References