From 99e24f3df2cfe248414bb017404eb836d1b606da Mon Sep 17 00:00:00 2001 From: Kenneth R Westerback Date: Wed, 27 Feb 2013 17:26:00 +0000 Subject: Avoid alignment errors when processing routing messages by reading the messages into dynamically allocated memory rather than a char array on the stack. Revealed by armish bus error when installing latest snap. ok deraadt@ --- sbin/dhclient/dhclient.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'sbin') diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 591636e8bf8..dfe115a9454 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhclient.c,v 1.239 2013/02/24 01:10:28 krw Exp $ */ +/* $OpenBSD: dhclient.c,v 1.240 2013/02/27 17:25:59 krw Exp $ */ /* * Copyright 2004 Henning Brauer @@ -172,7 +172,6 @@ get_ifa(char *cp, int n) void routehandler(void) { - char msg[2048]; struct in_addr a, b; ssize_t n; int linkstat, rslt; @@ -182,16 +181,20 @@ routehandler(void) struct ifa_msghdr *ifam; struct if_announcemsghdr *ifan; struct sockaddr *sa; - char *errmsg; + char *errmsg, *rtmmsg; + + rtmmsg = calloc(1, 2048); + if (rtmmsg == NULL) + error("No memory for rtmmsg"); do { - n = read(routefd, &msg, sizeof(msg)); + n = read(routefd, rtmmsg, 2048); } while (n == -1 && errno == EINTR); - rtm = (struct rt_msghdr *)msg; + rtm = (struct rt_msghdr *)rtmmsg; if (n < sizeof(rtm->rtm_msglen) || n < rtm->rtm_msglen || rtm->rtm_version != RTM_VERSION) - return; + goto done; switch (rtm->rtm_type) { case RTM_NEWADDR: @@ -273,7 +276,7 @@ routehandler(void) warning("LLADDR changed; restarting"); ifi->flags |= IFI_NEW_LLADDR; quit = SIGHUP; - return; + goto done; } linkstat = @@ -314,13 +317,14 @@ routehandler(void) client->active->resolv_conf, strlen(client->active->resolv_conf)); +done: + free(rtmmsg); return; die: if (rslt == -1) error("no memory for errmsg"); error("%s; exiting", errmsg); - free(errmsg); } char **saved_argv; -- cgit v1.2.3