Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/external/cddl/osnet/dist/common/nvpair Fix undefined behavio...



details:   https://anonhg.NetBSD.org/src/rev/68e3fbfe831b
branches:  trunk
changeset: 1007853:68e3fbfe831b
user:      kamil <kamil%NetBSD.org@localhost>
date:      Mon Mar 02 15:45:33 2020 +0000

description:
Fix undefined behavior in misaligned pointer usage

Detected by UBSan and already fixed upstream.

Cherry-pick:
>From aa0218d6a12814fac50b287214f9f3b0b99e11b1 Mon Sep 17 00:00:00 2001
From: Brian Behlendorf <behlendorf1%llnl.gov@localhost>
Date: Tue, 7 Jan 2014 23:24:37 +0100
Subject: [PATCH] Fix nvlist 'Bus Error' for Sparc

The mis-aligned memory accesses in nvpair_native_embedded() and
nvpair_native_embedded_array() will cause a 'Bus Error' for
architectures such as Sparc which not fully byte addressible.
To avoid this issue care is taken to avoid dereferencing the
potentially mis-aligned packed nvlist_t.

Signed-off-by: Brian Behlendorf <behlendorf1%llnl.gov@localhost>
Signed-off-by: Ned Bass <bass6%llnl.gov@localhost>
Signed-off-by: marku89 <mar42%kola.li@localhost>
Issue #1700

diffstat:

 external/cddl/osnet/dist/common/nvpair/nvpair.c |  6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diffs (23 lines):

diff -r 2ac0cd5782a6 -r 68e3fbfe831b external/cddl/osnet/dist/common/nvpair/nvpair.c
--- a/external/cddl/osnet/dist/common/nvpair/nvpair.c   Mon Mar 02 15:30:25 2020 +0000
+++ b/external/cddl/osnet/dist/common/nvpair/nvpair.c   Mon Mar 02 15:45:33 2020 +0000
@@ -2586,7 +2586,8 @@
                 * structure. The address may not be aligned, so we have
                 * to use bzero.
                 */
-               bzero(&packed->nvl_priv, sizeof (packed->nvl_priv));
+               bzero((char *)packed + offsetof(nvlist_t, nvl_priv),
+                   sizeof (uint64_t));
        }
 
        return (nvs_embedded(nvs, EMBEDDED_NVL(nvp)));
@@ -2614,7 +2615,8 @@
                         * packed structure. The address may not be aligned,
                         * so we have to use bzero.
                         */
-                       bzero(&packed->nvl_priv, sizeof (packed->nvl_priv));
+                       bzero((char *)packed + offsetof(nvlist_t, nvl_priv),
+                           sizeof (uint64_t));
        }
 
        return (nvs_embedded_nvl_array(nvs, nvp, NULL));



Home | Main Index | Thread Index | Old Index