[Openvpn-devel] [PATCH v2] ntlm: avoid breaking anti-aliasing rules

Tue, 15 Aug 2017 18:00:07 -0700 

From: Antonio Quartulli <anto...@open-mesh.com>

The problem is visible when compiling with -O2:

ntlm.c: In function ‘ntlm_phase_3’:
ntlm.c:305:9: warning: dereferencing type-punned pointer will break 
strict-aliasing rules [-Wstrict-aliasing]
         if ((*((long *)&buf2[0x14]) & 0x00800000) == 0x00800000)

The spec suggests to interpret those 4 bytes as a long, but
this needs to be done carefully.

Signed-off-by: Antonio Quartulli <anto...@openvpn.net>
---

v2: remove htonl/ntohl conversion as there is none in the original code


 src/openvpn/ntlm.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/openvpn/ntlm.c b/src/openvpn/ntlm.c
index 167c10b8..658c875e 100644
--- a/src/openvpn/ntlm.c
+++ b/src/openvpn/ntlm.c
@@ -302,7 +302,19 @@ ntlm_phase_3(const struct http_proxy_info *p, const char 
*phase_2,
         /* Add target information block to the blob */
 
         /* Check for Target Information block */
-        if ((*((long *)&buf2[0x14]) & 0x00800000) == 0x00800000)
+        /* The NTLM spec instructs to interpret these 4 consecutive bytes as a
+         * 32bit long integer. However, no endianness is specified.
+         * The code here and that found in other NTLM implementations point
+         * towards the assumption that the byte order on the wire has to
+         * match the order on the sending and receiving hosts. Probably NTLM 
has
+         * been thought to be always running on x86_64/i386 machine thus
+         * implying Little-Endian everywhere.
+         *
+         * This said, in case of future changes, we should keep in mind that 
the
+         * byte order on the wire for the NTLM header is LE.
+         */
+        unsigned long *flags = (unsigned long *)(buf2 + 0x14);
+        if ((*flags & 0x00800000) == 0x00800000)
         {
             tib_len = buf2[0x28];            /* Get Target Information block 
size */
             if (tib_len > 96)
-- 
2.14.0


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to