mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-25 07:07:52 +01:00
Code Issues Projects Releases Wiki Activity

Stop invoking undefined behaviour by using tor_free() on an unaligned pointer

Browse source 
... in get_interface_addresses_ioctl().

This pointer alignment issue exists on x86_64 macOS, but is unlikely to exist
elsewhere. (i386 macOS only requires 4-byte alignment, and other OSs have
8-byte ints.)

Fixes bug 24733; not in any released version of tor.
This commit is contained in:
teor 2017-12-24 22:36:52 +11:00 committed by Nick Mathewson
parent f5d89fab25
commit 54899b404c
2 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
changes/bug24733 Normal file
View file

@ -0,0 +1,6 @@
o Minor bugfixes (code correctness):
- Stop invoking undefined behaviour by using tor_free() on an unaligned
pointer in get_interface_addresses_ioctl(). This pointer alignment issue
exists on x86_64 macOS, but is unlikely to exist elsewhere.
Fixes bug 24733; bugfix on 0.3.0.0-alpha-dev;
not in any released version of tor.

6
src/common/address.c
View file

@ -1601,7 +1601,11 @@ get_interface_addresses_ioctl(int severity, sa_family_t family)
done: done:
if (fd >= 0) if (fd >= 0)
close(fd); close(fd);
tor_free(ifc.ifc_buf); /* On macOS, tor_free() loads ifc.ifc_buf, which leads to undefined
* behaviour, because it is always aligned at 8-bytes (ifc) plus 4 bytes
* (ifc_len and pragma pack(4)). So we use raw_free() instead. */
raw_free(ifc.ifc_buf);
ifc.ifc_buf = NULL;
return result; return result;
} }
#endif /* defined(HAVE_IFCONF_TO_SMARTLIST) */ #endif /* defined(HAVE_IFCONF_TO_SMARTLIST) */