From patchwork Thu Aug 10 14:02:10 2023
X-Patchwork-Submitter: Arne Schwabe
X-Patchwork-Id: 3314
From: Arne Schwabe
To: openvpn-devel@lists.sourceforge.net
Date: Thu, 10 Aug 2023 16:02:10 +0200
Message-Id: <20230810140210.4047842-1-arne@rfc2549.org>
In-Reply-To: <20230130172936.3444840-2-arne@rfc2549.org>
Subject: [Openvpn-devel] [PATCH v2] Fix unaligned access in macOS/Solaris hwaddr

The undefined behaviour USAN clang checker found this. This fix is a bit messy but so are the original structures.

Patch v2: handle the fact we need to beyond the struct ifr correctly when mapping the result to struct sockaddr_dl Change-Id: Ia797c8801fa9a9bc10b6674efde5fdbd7132e4a8 Signed-off-by: Arne Schwabe --- src/openvpn/route.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 90e981e97..bcf6fb878 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -3641,7 +3641,7 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) if (rgi->flags & RGI_IFACE_DEFINED) { struct ifconf ifc; - struct ifreq *ifr; + struct ifreq ifr; const int bufsize = 4096; char *buffer; 
@@ -3666,23 +3666,37 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) for (cp = buffer; cp <= buffer + ifc.ifc_len - sizeof(struct ifreq); ) { - ifr = (struct ifreq *)cp; + /* this is not always using an 8 byte alignment that struct ifr + * requires */ + memcpy(&ifr, cp, sizeof(struct ifreq)); #if defined(TARGET_SOLARIS) - const size_t len = sizeof(ifr->ifr_name) + sizeof(ifr->ifr_addr); + const size_t len = sizeof(ifr.ifr_name) + sizeof(ifr.ifr_addr); #else - const size_t len = sizeof(ifr->ifr_name) + max(sizeof(ifr->ifr_addr), ifr->ifr_addr.sa_len); + const size_t len = sizeof(ifr.ifr_name) + max(sizeof(ifr.ifr_addr), ifr.ifr_addr.sa_len); #endif - if (!ifr->ifr_addr.sa_family) + if (!ifr.ifr_addr.sa_family) { break; } - if (!strncmp(ifr->ifr_name, rgi->iface, IFNAMSIZ)) + if (!strncmp(ifr.ifr_name, rgi->iface, IFNAMSIZ)) { - if (ifr->ifr_addr.sa_family == AF_LINK) + if (ifr.ifr_addr.sa_family == AF_LINK) { - struct sockaddr_dl *sdl = (struct sockaddr_dl *)&ifr->ifr_addr; - memcpy(rgi->hwaddr, LLADDR(sdl), 6); + /* This is a broken member access. struct sockaddr_dl has + * 20 bytes while if_addr has only 16 bytes. So casting if_addr + * to struct sockaddr_dl gives (legitimate) warnings + * + * sockaddr_dl has 12 bytes space for the inrerface name and + * the hw address. So the last 4 that might be part of the + * hw address are not in if_addr, so we need + * + * So we use a memcpy here to avoid the warnings with ASAN + * that we are doing a very nasty cast here + */ + struct sockaddr_dl sdl = { 0 }; + memcpy(&sdl, cp + offsetof(struct ifreq, ifr_addr), sizeof(sdl)); + memcpy(rgi->hwaddr, LLADDR(&sdl), 6); rgi->flags |= RGI_HWADDR_DEFINED; } }
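
Review bot: In the first hunk, the by-value struct ifreq ifr is declared at the top of the RGI_IFACE_DEFINED block, although it only holds valid data after the memcpy at the start of each for-loop iteration. Declaring it inside the loop body, next to the memcpy(&ifr, cp, sizeof(struct ifreq)) that fills it, would keep its scope tight and make it clear that it is a per-iteration copy and no longer a view into buffer.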
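
Review bot: In the AF_LINK branch of the second hunk, memcpy(&sdl, cp + offsetof(struct ifreq, ifr_addr), sizeof(sdl)) reads beyond the struct ifreq record at cp (by the comment's own count, 20 bytes versus 16), but the loop condition only guarantees that sizeof(struct ifreq) bytes from cp lie within ifc.ifc_len. For the last record the copy can therefore pick up bytes past the data reported in ifc.ifc_len. Suggest checking that cp + offsetof(struct ifreq, ifr_addr) + sizeof(sdl) <= buffer + ifc.ifc_len before the copy, or bounding the copy by ifr.ifr_addr.sa_len, and skipping the entry otherwise. Relatedly, LLADDR(&sdl) now points into the local copy at an offset given by the interface-name length, so the 6-byte copy into rgi->hwaddr stays inside sdl only while name plus address fit in the 12 data bytes the comment mentions; an explicit check on sdl.sdl_nlen and sdl.sdl_alen before that memcpy would make the assumption visible. The comment itself needs a pass: the sentence ending "so we need" is unfinished, "inrerface" is a typo, and it refers to if_addr and ASAN where the code uses ifr_addr and the commit message names the undefined behaviour checker.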