I see. Looking at net/unix/af_unix.c:unix_mkname of Linux 2.6, there is a comment that says

   Check unix socket name: [...]
     - if started by not zero, should be NULL terminated (FS object)

However, the code then just does

/*
 * This may look like an off by one error but it is a bit more
 * subtle. 108 is the longest valid AF_UNIX path for a binding.
 * sun_path[108] doesnt as such exist.  However in kernel space
 * we are guaranteed that it is a valid memory location in our
 * kernel address buffer.
 */
((char *)sunaddr)[len] = 0;
len = strlen(sunaddr->sun_path)+1+sizeof(short);
return len;

So it doesn't actually check that it's null-terminated, but always sets the null termination in kernel based on the address length. Interesting.

With all the effort that went into the patch, I recommend to get it right: if there is space for the \0, include it. If the string size is exactly 108, and it's linux, write it unterminated. Else fail.

As for testing: we should then definitely have a test that, if you can create an 108 byte unix socket that its socket name is what we said it should be.