src - OpenBSD base system

diff options


context:
space:
mode:

author	brian <brian@cvs.openbsd.org>	1998-09-04 18:27:48 +0000
committer	brian <brian@cvs.openbsd.org>	1998-09-04 18:27:48 +0000
commit	dee8f5d4d9c11824c3068368df4ebc82878eb147 (patch)
tree	6f7fa4671aaca5573267615fcf785fc9bdf57a13 /usr.sbin/ppp
parent	ae7c14b52553016b88c8bd1df1cd3dbd32528b6f (diff)

Don't cast potentially unaligned addresses to pointers to

non-char types on non-i386 architectures. On Alpha and Sparc we get a bus error if we do.

Diffstat (limited to 'usr.sbin/ppp')

-rw-r--r--

usr.sbin/ppp/ppp/fsm.c

-rw-r--r--

usr.sbin/ppp/ppp/ipcp.c

-rw-r--r--

usr.sbin/ppp/ppp/lcp.c

-rw-r--r--

usr.sbin/ppp/ppp/mp.c

-rw-r--r--

usr.sbin/ppp/ppp/ua.h

5 files changed, 133 insertions, 53 deletions

diff --git a/usr.sbin/ppp/ppp/fsm.c b/usr.sbin/ppp/ppp/fsm.c
index 3f576adc368..b992f941f73 100644
--- a/usr.sbin/ppp/ppp/fsm.c
+++ b/usr.sbin/ppp/ppp/fsm.c

@@ -17,7 +17,7 @@

* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

- * $Id: fsm.c,v 1.1 1998/08/31 00:22:20 brian Exp $

+ * $Id: fsm.c,v 1.2 1998/09/04 18:27:45 brian Exp $

* TODO:

@@ -31,6 +31,7 @@

#include <string.h>

#include <termios.h>

+#include "ua.h"

#include "mbuf.h"

#include "log.h"

#include "defs.h"

@@ -848,14 +849,14 @@ FsmRecvEchoReq(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)

if (lcp) {

cp = MBUF_CTOP(bp);

- magic = ntohl(*(u_int32_t *)cp);

+ ua_ntohl(cp, &magic);

if (magic != lcp->his_magic) {

log_Printf(fp->LogLevel, "%s: RecvEchoReq: Error: His magic is bad!!\n",

fp->link->name);

/* XXX: We should send terminate request */

}

if (fp->state == ST_OPENED) {

- *(u_int32_t *)cp = htonl(lcp->want_magic); /* local magic */

+ ua_htonl(&lcp->want_magic, cp); /* local magic */

fsm_Output(fp, CODE_ECHOREP, lhp->id, cp, mbuf_Length(bp));

}

@@ -869,7 +870,7 @@ FsmRecvEchoRep(struct fsm *fp, struct fsmheader *lhp, struct mbuf *bp)

u_int32_t magic;

if (lcp) {

- magic = ntohl(*(u_int32_t *)MBUF_CTOP(bp));

+ ua_ntohl(MBUF_CTOP(bp), &magic);

/* Tolerate echo replies with either magic number */

if (magic != 0 && magic != lcp->his_magic && magic != lcp->want_magic) {

log_Printf(LogWARN,

diff --git a/usr.sbin/ppp/ppp/ipcp.c b/usr.sbin/ppp/ppp/ipcp.c
index 9cad8879252..dc089d14ec7 100644
--- a/usr.sbin/ppp/ppp/ipcp.c
+++ b/usr.sbin/ppp/ppp/ipcp.c

@@ -17,7 +17,7 @@

* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

- * $Id: ipcp.c,v 1.2 1998/08/31 08:16:39 brian Exp $

+ * $Id: ipcp.c,v 1.3 1998/09/04 18:27:46 brian Exp $

* TODO:

* o More RFC1772 backward compatibility

@@ -568,16 +568,18 @@ IpcpSendConfigReq(struct fsm *fp)

o = (struct lcp_opt *)buff;

if ((p && !physical_IsSync(p)) || !REJECTED(ipcp, TY_IPADDR)) {

- *(u_int32_t *)o->data = ipcp->my_ip.s_addr;

+ memcpy(o->data, &ipcp->my_ip.s_addr, 4);

INC_LCP_OPT(TY_IPADDR, 6, o);

}

if (ipcp->my_compproto && !REJECTED(ipcp, TY_COMPPROTO)) {

if (ipcp->heis1172) {

- *(u_int32_t *)o->data = htons(PROTO_VJCOMP);

+ u_int16_t proto = PROTO_VJCOMP;

+ ua_htons(&proto, o->data);

INC_LCP_OPT(TY_COMPPROTO, 4, o);

} else {

- *(u_int32_t *)o->data = htonl(ipcp->my_compproto);

+ ua_htonl(&ipcp->my_compproto, o->data);

INC_LCP_OPT(TY_COMPPROTO, 6, o);

}

@@ -587,9 +589,9 @@ IpcpSendConfigReq(struct fsm *fp)

!REJECTED(ipcp, TY_SECONDARY_DNS - TY_ADJUST_NS)) {

struct in_addr dns[2];

getdns(ipcp, dns);

- *(u_int32_t *)o->data = dns[0].s_addr;

+ memcpy(o->data, &dns[0].s_addr, 4);

INC_LCP_OPT(TY_PRIMARY_DNS, 6, o);

- *(u_int32_t *)o->data = dns[1].s_addr;

+ memcpy(o->data, &dns[1].s_addr, 4);

INC_LCP_OPT(TY_SECONDARY_DNS, 6, o);

}

@@ -795,7 +797,7 @@ IpcpDecodeConfig(struct fsm *fp, u_char * cp, int plen, int mode_type,

switch (type) {

case TY_IPADDR: /* RFC1332 */

- ipaddr.s_addr = *(u_int32_t *)(cp + 2);

+ memcpy(&ipaddr.s_addr, cp + 2, 4);

log_Printf(LogIPCP, "%s %s\n", tbuff, inet_ntoa(ipaddr));

switch (mode_type) {

@@ -868,7 +870,7 @@ IpcpDecodeConfig(struct fsm *fp, u_char * cp, int plen, int mode_type,

}

break;

case TY_COMPPROTO:

- compproto = htonl(*(u_int32_t *)(cp + 2));

+ memcpy(&compproto, cp + 2, 4);

log_Printf(LogIPCP, "%s %s\n", tbuff, vj2asc(compproto));

switch (mode_type) {

@@ -928,8 +930,8 @@ IpcpDecodeConfig(struct fsm *fp, u_char * cp, int plen, int mode_type,

}

break;

case TY_IPADDRS: /* RFC1172 */

- ipaddr.s_addr = *(u_int32_t *)(cp + 2);

- dstipaddr.s_addr = *(u_int32_t *)(cp + 6);

+ memcpy(&ipaddr.s_addr, cp + 2, 4);

+ memcpy(&dstipaddr.s_addr, cp + 6, 4);

snprintf(tbuff2, sizeof tbuff2, "%s %s,", tbuff, inet_ntoa(ipaddr));

log_Printf(LogIPCP, "%s %s\n", tbuff2, inet_ntoa(dstipaddr));

@@ -955,7 +957,7 @@ IpcpDecodeConfig(struct fsm *fp, u_char * cp, int plen, int mode_type,

case TY_PRIMARY_DNS: /* DNS negotiation (rfc1877) */

case TY_SECONDARY_DNS:

- ipaddr.s_addr = *(u_int32_t *)(cp + 2);

+ memcpy(&ipaddr.s_addr, cp + 2, 4);

log_Printf(LogIPCP, "%s %s\n", tbuff, inet_ntoa(ipaddr));

switch (mode_type) {

@@ -995,8 +997,7 @@ IpcpDecodeConfig(struct fsm *fp, u_char * cp, int plen, int mode_type,

case MODE_NAK: /* what does this mean?? */

if (IsEnabled(ipcp->cfg.ns.dns_neg)) {

gotdnsnak = 1;

- dnsnak[type == TY_PRIMARY_DNS ? 0 : 1].s_addr =

- *(u_int32_t *)(cp + 2);

+ memcpy(&dnsnak[type == TY_PRIMARY_DNS ? 0 : 1].s_addr, cp + 2, 4);

}

break;

case MODE_REJ: /* Can't do much, stop asking */

@@ -1007,7 +1008,7 @@ IpcpDecodeConfig(struct fsm *fp, u_char * cp, int plen, int mode_type,

case TY_PRIMARY_NBNS: /* M$ NetBIOS nameserver hack (rfc1877) */

case TY_SECONDARY_NBNS:

- ipaddr.s_addr = *(u_int32_t *)(cp + 2);

+ memcpy(&ipaddr.s_addr, cp + 2, 4);

log_Printf(LogIPCP, "%s %s\n", tbuff, inet_ntoa(ipaddr));

switch (mode_type) {

diff --git a/usr.sbin/ppp/ppp/lcp.c b/usr.sbin/ppp/ppp/lcp.c
index b506cefdb18..b3108fb4c57 100644
--- a/usr.sbin/ppp/ppp/lcp.c
+++ b/usr.sbin/ppp/ppp/lcp.c

@@ -17,7 +17,7 @@

* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

- * $Id: lcp.c,v 1.1 1998/08/31 00:22:22 brian Exp $

+ * $Id: lcp.c,v 1.2 1998/09/04 18:27:46 brian Exp $

* TODO:

* o Limit data field length by MRU

@@ -36,6 +36,7 @@

#include <termios.h>

#include <unistd.h>

+#include "ua.h"

#include "defs.h"

#include "command.h"

#include "mbuf.h"

@@ -295,6 +296,7 @@ LcpSendConfigReq(struct fsm *fp)

u_char buff[200];

struct lcp_opt *o;

struct mp *mp;

+ u_int16_t proto;

if (!p) {

log_Printf(LogERROR, "%s: LcpSendConfigReq: Not a physical link !\n",

@@ -311,35 +313,38 @@ LcpSendConfigReq(struct fsm *fp)

INC_LCP_OPT(TY_PROTOCOMP, 2, o);

if (!REJECTED(lcp, TY_ACCMAP)) {

- *(u_int32_t *)o->data = htonl(lcp->want_accmap);

+ ua_htonl(&lcp->want_accmap, o->data);

INC_LCP_OPT(TY_ACCMAP, 6, o);

}

if (!REJECTED(lcp, TY_MRU)) {

- *(u_int16_t *)o->data = htons(lcp->want_mru);

+ ua_htons(&lcp->want_mru, o->data);

INC_LCP_OPT(TY_MRU, 4, o);

}

if (lcp->want_magic && !REJECTED(lcp, TY_MAGICNUM)) {

- *(u_int32_t *)o->data = htonl(lcp->want_magic);

+ ua_htonl(&lcp->want_magic, o->data);

INC_LCP_OPT(TY_MAGICNUM, 6, o);

}

if (lcp->want_lqrperiod && !REJECTED(lcp, TY_QUALPROTO)) {

- *(u_int16_t *)o->data = htons(PROTO_LQR);

- *(u_int32_t *)(o->data + 2) = htonl(lcp->want_lqrperiod);

+ proto = PROTO_LQR;

+ ua_htons(&proto, o->data);

+ ua_htonl(&lcp->want_lqrperiod, o->data + 2);

INC_LCP_OPT(TY_QUALPROTO, 8, o);

}

switch (lcp->want_auth) {

case PROTO_PAP:

- *(u_int16_t *)o->data = htons(PROTO_PAP);

+ proto = PROTO_PAP;

+ ua_htons(&proto, o->data);

INC_LCP_OPT(TY_AUTHPROTO, 4, o);

break;

case PROTO_CHAP:

- *(u_int16_t *)o->data = htons(PROTO_CHAP);

+ proto = PROTO_CHAP;

+ ua_htons(&proto, o->data);

o->data[2] = 0x05;

INC_LCP_OPT(TY_AUTHPROTO, 5, o);

break;

@@ -366,7 +371,7 @@ LcpSendConfigReq(struct fsm *fp)

}

if (lcp->want_mrru && !REJECTED(lcp, TY_MRRU)) {

- *(u_int16_t *)o->data = htons(lcp->want_mrru);

+ ua_htons(&lcp->want_mrru, o->data);

INC_LCP_OPT(TY_MRRU, 4, o);

if (lcp->want_shortseq && !REJECTED(lcp, TY_SHORTSEQ))

@@ -479,7 +484,6 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

int type, length, sz, pos, op, callback_req;

u_int32_t magic, accmap;

u_short mtu, mru, proto;

- u_int16_t *sp;

struct lqrreq *req;

char request[20], desc[22];

struct mp *mp;

@@ -504,8 +508,7 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

switch (type) {

case TY_MRRU:

mp = &lcp->fsm.bundle->ncp.mp;

- sp = (u_int16_t *)(cp + 2);

- mru = htons(*sp);

+ ua_ntohs(cp + 2, &mru);

log_Printf(LogLCP, "%s %u\n", request, mru);

switch (mode_type) {

@@ -519,8 +522,8 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

if (mru < MIN_MRU || mru < mtu) {

/* Push him up to MTU or MIN_MRU */

lcp->his_mrru = mru < mtu ? mtu : MIN_MRU;

- *sp = htons((u_int16_t)lcp->his_mrru);

- memcpy(dec->nakend, cp, 4);

+ memcpy(dec->nakend, cp, 2);

+ ua_htons(&lcp->his_mrru, dec->nakend + 2);

dec->nakend += 4;

} else {

lcp->his_mrru = mtu ? mtu : mru;

@@ -554,8 +557,7 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

break;

case TY_MRU:

- sp = (u_int16_t *) (cp + 2);

- mru = htons(*sp);

+ ua_ntohs(cp + 2, &mru);

log_Printf(LogLCP, "%s %d\n", request, mru);

switch (mode_type) {

@@ -564,8 +566,8 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

if (mru < MIN_MRU || (!lcp->want_mrru && mru < mtu)) {

/* Push him up to MTU or MIN_MRU */

lcp->his_mru = mru < mtu ? mtu : MIN_MRU;

- *sp = htons((u_int16_t)lcp->his_mru);

- memcpy(dec->nakend, cp, 4);

+ memcpy(dec->nakend, cp, 2);

+ ua_htons(&lcp->his_mru, dec->nakend + 2);

dec->nakend += 4;

} else {

lcp->his_mru = mtu ? mtu : mru;

@@ -588,7 +590,7 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

break;

case TY_ACCMAP:

- accmap = htonl(*(u_int32_t *)(cp + 2));

+ ua_ntohl(cp + 2, &accmap);

log_Printf(LogLCP, "%s 0x%08lx\n", request, (u_long)accmap);

switch (mode_type) {

@@ -607,8 +609,7 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

break;

case TY_AUTHPROTO:

- sp = (u_int16_t *) (cp + 2);

- proto = ntohs(*sp);

+ ua_ntohs(cp + 2, &proto);

switch (proto) {

case PROTO_PAP:

log_Printf(LogLCP, "%s 0x%04x (PAP)\n", request, proto);

@@ -733,7 +734,7 @@ LcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

break;

case TY_MAGICNUM:

- magic = ntohl(*(u_int32_t *)(cp + 2));

+ ua_ntohl(cp + 2, &magic);

log_Printf(LogLCP, "%s 0x%08lx\n", request, (u_long)magic);

switch (mode_type) {

diff --git a/usr.sbin/ppp/ppp/mp.c b/usr.sbin/ppp/ppp/mp.c
index 5aecbb1633a..7a47f993e0c 100644
--- a/usr.sbin/ppp/ppp/mp.c
+++ b/usr.sbin/ppp/ppp/mp.c

@@ -23,7 +23,7 @@

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

- * $Id: mp.c,v 1.1 1998/08/31 00:22:25 brian Exp $

+ * $Id: mp.c,v 1.2 1998/09/04 18:27:47 brian Exp $

#include <sys/types.h>

@@ -44,6 +44,7 @@

#include <termios.h>

#include <unistd.h>

+#include "ua.h"

#include "defs.h"

#include "command.h"

#include "mbuf.h"

@@ -124,17 +125,19 @@ static int

mp_ReadHeader(struct mp *mp, struct mbuf *m, struct mp_header *header)

{

if (mp->local_is12bit) {

- header->seq = ntohs(*(u_int16_t *)MBUF_CTOP(m));

- if (header->seq & 0x3000) {

+ u_int16_t val;

+ ua_ntohs(MBUF_CTOP(m), &val);

+ if (val & 0x3000) {

log_Printf(LogWARN, "Oops - MP header without required zero bits\n");

return 0;

}

- header->begin = header->seq & 0x8000 ? 1 : 0;

- header->end = header->seq & 0x4000 ? 1 : 0;

- header->seq &= 0x0fff;

+ header->begin = val & 0x8000 ? 1 : 0;

+ header->end = val & 0x4000 ? 1 : 0;

+ header->seq = val & 0x0fff;

return 2;

} else {

- header->seq = ntohl(*(u_int32_t *)MBUF_CTOP(m));

+ ua_ntohl(MBUF_CTOP(m), &header->seq);

if (header->seq & 0x3f000000) {

log_Printf(LogWARN, "Oops - MP header without required zero bits\n");

return 0;

@@ -525,16 +528,16 @@ mp_Output(struct mp *mp, struct link *l, struct mbuf *m, u_int32_t begin,

mo = mbuf_Alloc(4, MB_MP);

mo->next = m;

if (mp->peer_is12bit) {

- u_int16_t *seq16;

+ u_int16_t val;

- seq16 = (u_int16_t *)MBUF_CTOP(mo);

- *seq16 = htons((begin << 15) | (end << 14) | (u_int16_t)mp->out.seq);

+ val = (begin << 15) | (end << 14) | (u_int16_t)mp->out.seq;

+ ua_htons(&val, MBUF_CTOP(mo));

mo->cnt = 2;

} else {

- u_int32_t *seq32;

+ u_int32_t val;

- seq32 = (u_int32_t *)MBUF_CTOP(mo);

- *seq32 = htonl((begin << 31) | (end << 30) | (u_int32_t)mp->out.seq);

+ val = (begin << 31) | (end << 30) | (u_int32_t)mp->out.seq;

+ ua_htonl(&val, MBUF_CTOP(mo));

mo->cnt = 4;

}

if (log_IsKept(LogDEBUG))

diff --git a/usr.sbin/ppp/ppp/ua.h b/usr.sbin/ppp/ppp/ua.h
new file mode 100644
index 00000000000..50fb8702ff7
--- /dev/null
+++ b/usr.sbin/ppp/ppp/ua.h

@@ -0,0 +1,74 @@

+/*-

+ *

+ * Redistribution and use in source and binary forms, with or without

+ * modification, are permitted provided that the following conditions

+ * are met:

+ * 1. Redistributions of source code must retain the above copyright

+ * notice, this list of conditions and the following disclaimer.

+ * 2. Redistributions in binary form must reproduce the above copyright

+ * notice, this list of conditions and the following disclaimer in the

+ * documentation and/or other materials provided with the distribution.

+ *

+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

+ * SUCH DAMAGE.

+ *

+ * $Id: ua.h,v 1.1 1998/09/04 18:27:47 brian Exp $

+ */

+#ifdef __i386__ /* Do any other archs not care about alignment ? */

+# define ua_htonl(src, tgt) (*(u_int32_t *)(tgt) = htonl(*(u_int32_t *)(src)))

+# define ua_ntohl(src, tgt) (*(u_int32_t *)(tgt) = ntohl(*(u_int32_t *)(src)))

+# define ua_htons(src, tgt) (*(u_int16_t *)(tgt) = htons(*(u_int16_t *)(src)))

+# define ua_ntohs(src, tgt) (*(u_int16_t *)(tgt) = ntohs(*(u_int16_t *)(src)))

+#else /* We care about alignment (or else drop a core !) */

+# define ua_htonl(src, tgt) \

+ do { \

+ u_int32_t __oh; \

+ memcpy(&__oh, (src), sizeof __oh); \

+ *(u_char *)(tgt) = __oh >> 24; \

+ *((u_char *)(tgt) + 1) = (__oh >> 16) & 0xff; \

+ *((u_char *)(tgt) + 2) = (__oh >> 8) & 0xff; \

+ *((u_char *)(tgt) + 3) = __oh & 0xff; \

+ } while (0)

+# define ua_ntohl(src, tgt) \

+ do { \

+ u_int32_t __nh; \

+ __nh = ((u_int32_t)*(u_char *)(src) << 24) | \

+ ((u_int32_t)*((u_char *)(src) + 1) << 16) | \

+ ((u_int32_t)*((u_char *)(src) + 2) << 8) | \

+ (u_int32_t)*((u_char *)(src) + 3); \

+ memcpy((tgt), &__nh, sizeof __nh); \

+ } while (0)

+# define ua_htons(src, tgt) \

+ do { \

+ u_int16_t __oh; \

+ memcpy(&__oh, (src), sizeof __oh); \

+ *(u_char *)(tgt) = __oh >> 8; \

+ *((u_char *)(tgt) + 1) = __oh & 0xff; \

+ } while (0)

+# define ua_ntohs(src, tgt) \

+ do { \

+ u_int32_t __nh; \

+ __nh = ((u_int32_t)*(u_char *)(src) << 8) | \

+ (u_int32_t)*((u_char *)(src) + 1); \

+ memcpy((tgt), &__nh, sizeof __nh); \

+ } while (0)

+#endif