From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 31548 invoked by alias); 18 Sep 2008 08:40:49 -0000 Received: (qmail 31530 invoked by uid 22791); 18 Sep 2008 08:40:48 -0000 X-Spam-Check-By: sourceware.org Received: from cantor2.suse.de (HELO mx2.suse.de) (195.135.220.15) by sourceware.org (qpsmtpd/0.31) with ESMTP; Thu, 18 Sep 2008 08:40:09 +0000 Received: from Relay1.suse.de (relay-ext.suse.de [195.135.221.8]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx2.suse.de (Postfix) with ESMTP id 4BA5845C7E for ; Thu, 18 Sep 2008 10:40:07 +0200 (CEST) From: Andreas Schwab To: libc-hacker@sourceware.org Subject: Unaligned addresses in resolver X-Yow: I will invent "TIDY BOWL"... Date: Thu, 18 Sep 2008 08:40:00 -0000 Message-ID: User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Mailing-List: contact libc-hacker-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-hacker-owner@sourceware.org X-SW-Source: 2008-09/txt/msg00001.txt.bz2 __libc_res_nsend can generate an unaligned address for the answer header. Andreas. 2008-09-18 Andreas Schwab * resolv/res_send.c (send_vc): Fix use of unaligned address. Properly handle partial reads. --- resolv/res_send.c 29 Jul 2008 10:01:10 +0200 1.58 +++ resolv/res_send.c 17 Sep 2008 18:07:56 +0200 @@ -734,11 +734,11 @@ send_vc(res_state statp, */ int recvresp1 = 0; int recvresp2 = buf2 == NULL; - read_len: - cp = ans; uint16_t rlen16; + read_len: + cp = (u_char *)&rlen16; len = sizeof(rlen16); - while ((n = TEMP_FAILURE_RETRY (read(statp->_vcsock, &rlen16, + while ((n = TEMP_FAILURE_RETRY (read(statp->_vcsock, cp, (int)len))) > 0) { cp += n; if ((len -= n) <= 0) 
@@ -778,8 +778,16 @@ send_vc(res_state statp, /* No buffer allocated for the first reply. We can try to use the rest of the user-provided buffer. */ +#ifdef _STRING_ARCH_unaligned *anssizp2 = orig_anssizp - resplen; *ansp2 = *ansp + resplen; +#else + int aligned_resplen + = ((resplen + __alignof__ (HEADER) - 1) + & (__alignof__ (HEADER) - 1)); + *anssizp2 = orig_anssizp - aligned_resplen; + *ansp2 = *ansp + aligned_resplen; +#endif } else { /* The first reply did not fit into the user-provided buffer. Maybe the second -- Andreas Schwab, SuSE Labs, schwab@suse.de SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different."
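Review bot: in the first hunk (read_len), dropping "cp = ans;" means cp is left pointing into the stack variable rlen16 when the length loop finishes, so every path that goes on to read the reply body must reassign cp to the answer buffer first. That reassignment is not visible in this context; please confirm it, including for the pass that jumps back to read_len for the second reply. The partial-read part looks right: reading through cp with the remaining len means a short 1-byte read is no longer overwritten by the next read at &rlen16. A one-line comment saying that cp walks rlen16 here would help the next reader.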
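Review bot: the round-up in the #else branch of the second hunk is missing a complement. "& (__alignof__ (HEADER) - 1)" keeps only the low bits, so aligned_resplen is always smaller than the alignment, and *ansp2 then points inside the first reply instead of past it, while *anssizp2 overstates the space left. The expression should read "((resplen + __alignof__ (HEADER) - 1) & ~(__alignof__ (HEADER) - 1))". Separately, once the mask is corrected aligned_resplen can exceed resplen by up to the alignment minus one, so check it against orig_anssizp before computing "*anssizp2 = orig_anssizp - aligned_resplen;"; otherwise the remaining size can go negative when the first reply nearly fills the user buffer.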