diff options
author | Steffan Karger | 2016-11-13 14:17:27 +0100 |
---|---|---|
committer | Gert Doering | 2016-11-13 14:21:45 +0100 |
commit | 8cac9b98d58b97fbd5a23dd9f172a9843ecf5b50 (patch) | |
tree | 330f69855fa58a0fd7f4ddb99a8b299d13a1171d /src/openvpn/ps.c | |
parent | 14cb1639f7694cdd461bace5e273acd7722cd3cf (diff) | |
download | openvpn-8cac9b98d58b97fbd5a23dd9f172a9843ecf5b50.zip openvpn-8cac9b98d58b97fbd5a23dd9f172a9843ecf5b50.tar.gz |
Don't deference type-punned pointers
Dereferencing type-punned pointers is undefined behaviour according to the
C standard. We should either obey the standard, or ensure that all
supported compilers deal with dereferencing type-punned pointers as we
want them to. I think just obeying the standard is the easiest solution.
See e.g. http://blog.regehr.org/archives/959.
This commit refactors the offending code to use unions or memcpy() to
comply to strict aliasing rules.
Note that this also slightly changes mroute_addr_mask_host_bits(), to
behave as it was probably intended to: only mask the address part, not
also the port part of IPv6 adresses if MR_WITH_PORT is used (ie ma->len
is sizeof(struct in6_addr)+2).
v2: fix all strict aliasing occurrences, not just those in mroute.h
v3: add missing ntohs() in mroute_addr_print_ex()
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479043047-25883-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13017.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/ps.c')
-rw-r--r-- | src/openvpn/ps.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c index fe18a9d..2cb68f1 100644 --- a/src/openvpn/ps.c +++ b/src/openvpn/ps.c @@ -223,12 +223,12 @@ port_share_sendmsg (const socket_descriptor_t sd, if (socket_defined (sd_send)) { - *((socket_descriptor_t*)CMSG_DATA(h)) = sd_send; + memcpy (CMSG_DATA(h), &sd_send, sizeof (sd_send)); } else { socketpair (PF_UNIX, SOCK_DGRAM, 0, sd_null); - *((socket_descriptor_t*)CMSG_DATA(h)) = sd_null[0]; + memcpy (CMSG_DATA(h), &sd_null[0], sizeof (sd_null[0])); } status = sendmsg (sd, &mesg, MSG_NOSIGNAL); @@ -502,7 +502,8 @@ control_message_from_parent (const socket_descriptor_t sd_control, h->cmsg_len = CMSG_LEN(sizeof(socket_descriptor_t)); h->cmsg_level = SOL_SOCKET; h->cmsg_type = SCM_RIGHTS; - *((socket_descriptor_t*)CMSG_DATA(h)) = SOCKET_UNDEFINED; + static const socket_descriptor_t socket_undefined = SOCKET_UNDEFINED; + memcpy (CMSG_DATA(h), &socket_undefined, sizeof(socket_undefined)); status = recvmsg (sd_control, &mesg, MSG_NOSIGNAL); if (status != -1) @@ -516,7 +517,8 @@ control_message_from_parent (const socket_descriptor_t sd_control, } else { - const socket_descriptor_t received_fd = *((socket_descriptor_t*)CMSG_DATA(h)); + socket_descriptor_t received_fd; + memcpy (&received_fd, CMSG_DATA(h), sizeof(received_fd)); dmsg (D_PS_PROXY_DEBUG, "PORT SHARE PROXY: RECEIVED sd=%d", (int)received_fd); if (status >= 2 && command == COMMAND_REDIRECT) |