This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Stefan Sperling gerrit-no-reply at lists.osmocom.orgStefan Sperling has uploaded this change for review. ( https://gerrit.osmocom.org/10027 Change subject: fix unaligned access in build_ipcp_pco() ...................................................................... fix unaligned access in build_ipcp_pco() Copy a struct ipcp_hdr to the stack, where it will be appropriately aligned by the compiler, rather than accessing the data through a potentially misaligned pointer. Change-Id: Ifc1a2b623dee99ecf188df14a0808fe8219a98bf Related: OS#3194 --- M ggsn/ggsn.c 1 file changed, 7 insertions(+), 5 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-ggsn refs/changes/27/10027/1 diff --git a/ggsn/ggsn.c b/ggsn/ggsn.c index 6d879c0..8e0e934 100644 --- a/ggsn/ggsn.c +++ b/ggsn/ggsn.c @@ -504,31 +504,33 @@ { const struct in46_addr *dns1 = &apn->v4.cfg.dns[0]; const struct in46_addr *dns2 = &apn->v4.cfg.dns[1]; - struct ipcp_hdr *ipcp; + struct ipcp_hdr ipcp; uint8_t *len1, *len2, *pco_ipcp; uint8_t *start = msg->tail; unsigned int len_appended; if (!(pco_ipcp = pco_contains_proto(&pdp->pco_req, PCO_P_IPCP))) return 0; - ipcp = (struct ipcp_hdr*) (pco_ipcp + 3); /* 2=type + 1=len */ + + /* Copy to stack avoids unaligned access on some platforms. */ + memcpy(&ipcp, pco_ipcp + 3, sizeof(ipcp)); /* 2=type + 1=len */ /* Three byte T16L header */ msgb_put_u16(msg, 0x8021); /* IPCP */ len1 = msgb_put(msg, 1); /* Length of contents: delay */ msgb_put_u8(msg, 0x02); /* ACK */ - msgb_put_u8(msg, ipcp->id); /* ID: Needs to match request */ + msgb_put_u8(msg, ipcp.id); /* ID: Needs to match request */ msgb_put_u8(msg, 0x00); /* Length MSB */ len2 = msgb_put(msg, 1); /* Length LSB: delay */ - if (dns1->len == 4 && ipcp_contains_option(ipcp, IPCP_OPT_PRIMARY_DNS)) { + if (dns1->len == 4 && ipcp_contains_option(&ipcp, IPCP_OPT_PRIMARY_DNS)) { msgb_put_u8(msg, 0x81); /* DNS1 Tag */ msgb_put_u8(msg, 2 + dns1->len);/* DNS1 Length, incl. TL */ msgb_put_u32(msg, ntohl(dns1->v4.s_addr)); } - if (dns2->len == 4 && ipcp_contains_option(ipcp, IPCP_OPT_SECONDARY_DNS)) { + if (dns2->len == 4 && ipcp_contains_option(&ipcp, IPCP_OPT_SECONDARY_DNS)) { msgb_put_u8(msg, 0x83); /* DNS2 Tag */ msgb_put_u8(msg, 2 + dns2->len);/* DNS2 Length, incl. TL */ msgb_put_u32(msg, ntohl(dns2->v4.s_addr)); -- To view, visit https://gerrit.osmocom.org/10027 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ggsn Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: Ifc1a2b623dee99ecf188df14a0808fe8219a98bf Gerrit-Change-Number: 10027 Gerrit-PatchSet: 1 Gerrit-Owner: Stefan Sperling <ssperling at sysmocom.de> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180717/6baae7c2/attachment.htm>