Fix undefined behavior in misaligned pointer usage

Detected by UBSan and already fixed upstream. Cherry-pick: From aa0218d6a12814fac50b287214f9f3b0b99e11b1 Mon Sep 17 00:00:00 2001 From: Brian Behlendorf <behlendorf1@llnl.gov> Date: Tue, 7 Jan 2014 23:24:37 +0100 Subject: [PATCH] Fix nvlist 'Bus Error' for Sparc The mis-aligned memory accesses in nvpair_native_embedded() and nvpair_native_embedded_array() will cause a 'Bus Error' for architectures such as Sparc which not fully byte addressible. To avoid this issue care is taken to avoid dereferencing the potentially mis-aligned packed nvlist_t. Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Ned Bass <bass6@llnl.gov> Signed-off-by: marku89 <mar42@kola.li> Issue #1700
2020-03-02 15:45:33 +00:00 · 2020-03-02 15:45:33 +00:00 · ce57424237
parent 454e43c47d
commit ce57424237
1 changed files with 4 additions and 2 deletions
--- a/external/cddl/osnet/dist/common/nvpair/nvpair.c
+++ b/external/cddl/osnet/dist/common/nvpair/nvpair.c
@ -2586,7 +2586,8 @@ nvpair_native_embedded(nvstream_t *nvs, nvpair_t *nvp)
 		 * structure. The address may not be aligned, so we have
 		 * to use bzero.
 		 */
-		bzero(&packed->nvl_priv, sizeof (packed->nvl_priv));
+		bzero((char *)packed + offsetof(nvlist_t, nvl_priv),
+		    sizeof (uint64_t));
 	}

 	return (nvs_embedded(nvs, EMBEDDED_NVL(nvp)));
@ -2614,7 +2615,8 @@ nvpair_native_embedded_array(nvstream_t *nvs, nvpair_t *nvp)
 			 * packed structure. The address may not be aligned,
 			 * so we have to use bzero.
 			 */
-			bzero(&packed->nvl_priv, sizeof (packed->nvl_priv));
+			bzero((char *)packed + offsetof(nvlist_t, nvl_priv),
+			    sizeof (uint64_t));
 	}

 	return (nvs_embedded_nvl_array(nvs, nvp, NULL));