[src/netbsd-1-4]: src/sys/netinet Pull up revision 1.104 (requested by thorpej):

[he <he%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/66e082255915
branches:  netbsd-1-4
changeset: 470468:66e082255915
user:      he <he%NetBSD.org@localhost>
date:      Thu Mar 02 10:24:18 2000 +0000

description:
Pull up revision 1.104 (requested by thorpej):
  Work around a compiler bug that causes a security vulnerability
  in our IP stack on some platforms.

diffstat:

 sys/netinet/ip_input.c |  17 +++++++++--------
 1 files changed, 9 insertions(+), 8 deletions(-)

diffs (62 lines):

diff -r b69f9b671e6f -r 66e082255915 sys/netinet/ip_input.c
--- a/sys/netinet/ip_input.c    Wed Mar 01 14:11:25 2000 +0000
+++ b/sys/netinet/ip_input.c    Thu Mar 02 10:24:18 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_input.c,v 1.82.2.4 2000/02/12 18:10:24 he Exp $     */
+/*     $NetBSD: ip_input.c,v 1.82.2.5 2000/03/02 10:24:18 he Exp $     */
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -856,11 +856,11 @@
        struct mbuf *m;
 {
        register struct ip *ip = mtod(m, struct ip *);
-       register u_char *cp;
+       register u_char *cp, *cp0;
        register struct ip_timestamp *ipt;
        register struct in_ifaddr *ia;
        int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0;
-       struct in_addr *sin, dst;
+       struct in_addr dst;
        n_time ntime;
 
        dst = ip->ip_dst;
@@ -990,7 +990,7 @@
                                        goto bad;
                                break;
                        }
-                       sin = (struct in_addr *)(cp + ipt->ipt_ptr - 1);
+                       cp0 = (cp + ipt->ipt_ptr - 1);
                        switch (ipt->ipt_flg) {
 
                        case IPOPT_TS_TSONLY:
@@ -1005,8 +1005,8 @@
                                                            m->m_pkthdr.rcvif);
                                if (ia == 0)
                                        continue;
-                               bcopy((caddr_t)&ia->ia_addr.sin_addr,
-                                   (caddr_t)sin, sizeof(struct in_addr));
+                               bcopy(&ia->ia_addr.sin_addr,
+                                   cp0, sizeof(struct in_addr));
                                ipt->ipt_ptr += sizeof(struct in_addr);
                                break;
 
@@ -1014,7 +1014,7 @@
                                if (ipt->ipt_ptr - 1 + sizeof(n_time) +
                                    sizeof(struct in_addr) > ipt->ipt_len)
                                        goto bad;
-                               bcopy((caddr_t)sin, (caddr_t)&ipaddr.sin_addr,
+                               bcopy(cp0, &ipaddr.sin_addr,
                                    sizeof(struct in_addr));
                                if (ifa_ifwithaddr((SA)&ipaddr) == 0)
                                        continue;
@@ -1025,7 +1025,8 @@
                                goto bad;
                        }
                        ntime = iptime();
-                       bcopy((caddr_t)&ntime, (caddr_t)cp + ipt->ipt_ptr - 1,
+                       cp0 = (u_char *) &ntime;        /* XXX GCC BUG */
+                       bcopy(cp0, (caddr_t)cp + ipt->ipt_ptr - 1,
                            sizeof(n_time));
                        ipt->ipt_ptr += sizeof(n_time);
                }