CVS commit: src

Thu, 10 Aug 2023 13:49:29 -0700 

Module Name:    src
Committed By:   mrg
Date:           Thu Aug 10 20:49:20 UTC 2023

Modified Files:
        src/sys/dev/acpi/wmi: wmi_acpi.c
        src/sys/dev/ieee1394: fwohci.c
        src/sys/ufs/ext2fs: ext2fs_lookup.c
        src/sys/ufs/ufs: ufs_lookup.c
        src/usr.sbin/fwctl: fwdv.c

Log Message:
don't assign struct pointers to smaller then structure regions of memory.

in all cases here, the later parts of the structure are not actually
accessed, so there are no existing bugs here beyond general UB.  for the
ufs ones, this also removes some casts.

found by GCC 12.


To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 src/sys/dev/acpi/wmi/wmi_acpi.c
cvs rdiff -u -r1.151 -r1.152 src/sys/dev/ieee1394/fwohci.c
cvs rdiff -u -r1.92 -r1.93 src/sys/ufs/ext2fs/ext2fs_lookup.c
cvs rdiff -u -r1.157 -r1.158 src/sys/ufs/ufs/ufs_lookup.c
cvs rdiff -u -r1.8 -r1.9 src/usr.sbin/fwctl/fwdv.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/dev/acpi/wmi/wmi_acpi.c
diff -u src/sys/dev/acpi/wmi/wmi_acpi.c:1.21 src/sys/dev/acpi/wmi/wmi_acpi.c:1.22
--- src/sys/dev/acpi/wmi/wmi_acpi.c:1.21	Wed May 10 00:08:22 2023
+++ src/sys/dev/acpi/wmi/wmi_acpi.c	Thu Aug 10 20:49:19 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: wmi_acpi.c,v 1.21 2023/05/10 00:08:22 riastradh Exp $	*/
+/*	$NetBSD: wmi_acpi.c,v 1.22 2023/08/10 20:49:19 mrg Exp $	*/
 
 /*-
  * Copyright (c) 2009, 2010 Jukka Ruohonen <jruoho...@iki.fi>
@@ -27,7 +27,7 @@
  * SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: wmi_acpi.c,v 1.21 2023/05/10 00:08:22 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: wmi_acpi.c,v 1.22 2023/08/10 20:49:19 mrg Exp $");
 
 #include <sys/param.h>
 #include <sys/device.h>
@@ -321,7 +321,7 @@ acpi_wmi_guid_get(struct acpi_wmi_softc 
 {
 	struct wmi_t *wmi;
 	struct guid_t *guid;
-	char bin[16];
+	char bin[MAX(16, sizeof(*guid))];
 	char hex[3];
 	const char *ptr;
 	uint8_t i;

Index: src/sys/dev/ieee1394/fwohci.c
diff -u src/sys/dev/ieee1394/fwohci.c:1.151 src/sys/dev/ieee1394/fwohci.c:1.152
--- src/sys/dev/ieee1394/fwohci.c:1.151	Sun Jul  3 19:58:42 2022
+++ src/sys/dev/ieee1394/fwohci.c	Thu Aug 10 20:49:20 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: fwohci.c,v 1.151 2022/07/03 19:58:42 andvar Exp $	*/
+/*	$NetBSD: fwohci.c,v 1.152 2023/08/10 20:49:20 mrg Exp $	*/
 
 /*-
  * Copyright (c) 2003 Hidetoshi Shimokawa
@@ -37,7 +37,7 @@
  *
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: fwohci.c,v 1.151 2022/07/03 19:58:42 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: fwohci.c,v 1.152 2023/08/10 20:49:20 mrg Exp $");
 
 #include <sys/param.h>
 #include <sys/atomic.h>
@@ -2643,17 +2643,20 @@ static int
 fwohci_arcv_swap(struct fw_pkt *fp, int len)
 {
 	struct fw_pkt *fp0;
-	uint32_t ld0;
+	union {
+		uint32_t ld0;
+		struct fw_pkt pkt;
+	} pktu;
 	int hlen;
 #if BYTE_ORDER == BIG_ENDIAN
 	int slen, i;
 #endif
 
-	ld0 = FWOHCI_DMA_READ(fp->mode.ld[0]);
+	pktu.ld0 = FWOHCI_DMA_READ(fp->mode.ld[0]);
 #if 0
-	printf("ld0: x%08x\n", ld0);
+	printf("ld0: x%08x\n", pktu.ld0);
 #endif
-	fp0 = (struct fw_pkt *)&ld0;
+	fp0 = (struct fw_pkt *)&pktu;
 	/* determine length to swap */
 	switch (fp0->mode.common.tcode) {
 	case FWTCODE_WRES:

Index: src/sys/ufs/ext2fs/ext2fs_lookup.c
diff -u src/sys/ufs/ext2fs/ext2fs_lookup.c:1.92 src/sys/ufs/ext2fs/ext2fs_lookup.c:1.93
--- src/sys/ufs/ext2fs/ext2fs_lookup.c:1.92	Sat Aug  6 18:26:42 2022
+++ src/sys/ufs/ext2fs/ext2fs_lookup.c	Thu Aug 10 20:49:19 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: ext2fs_lookup.c,v 1.92 2022/08/06 18:26:42 andvar Exp $	*/
+/*	$NetBSD: ext2fs_lookup.c,v 1.93 2023/08/10 20:49:19 mrg Exp $	*/
 
 /*
  * Modified for NetBSD 1.2E
@@ -48,7 +48,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ext2fs_lookup.c,v 1.92 2022/08/06 18:26:42 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ext2fs_lookup.c,v 1.93 2023/08/10 20:49:19 mrg Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -1126,8 +1126,8 @@ int
 ext2fs_dirempty(struct inode *ip, ino_t parentino, kauth_cred_t cred)
 {
 	off_t off;
-	struct ext2fs_dirtemplate dbuf;
-	struct ext2fs_direct *dp = (struct ext2fs_direct *)&dbuf;
+	struct ext2fs_direct dbuf;
+	struct ext2fs_direct *dp = &dbuf;
 	int error, namlen;
 	size_t count;
 

Index: src/sys/ufs/ufs/ufs_lookup.c
diff -u src/sys/ufs/ufs/ufs_lookup.c:1.157 src/sys/ufs/ufs/ufs_lookup.c:1.158
--- src/sys/ufs/ufs/ufs_lookup.c:1.157	Wed Feb 22 21:49:45 2023
+++ src/sys/ufs/ufs/ufs_lookup.c	Thu Aug 10 20:49:20 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: ufs_lookup.c,v 1.157 2023/02/22 21:49:45 riastradh Exp $	*/
+/*	$NetBSD: ufs_lookup.c,v 1.158 2023/08/10 20:49:20 mrg Exp $	*/
 
 /*
  * Copyright (c) 1989, 1993
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ufs_lookup.c,v 1.157 2023/02/22 21:49:45 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ufs_lookup.c,v 1.158 2023/08/10 20:49:20 mrg Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_ffs.h"
@@ -1297,8 +1297,8 @@ int
 ufs_dirempty(struct inode *ip, ino_t parentino, kauth_cred_t cred)
 {
 	doff_t off;
-	struct dirtemplate dbuf;
-	struct direct *dp = (void *)&dbuf;
+	struct direct dbuf;
+	struct direct *dp = &dbuf;
 	int error;
 	size_t count;
 	const int needswap = UFS_IPNEEDSWAP(ip);

Index: src/usr.sbin/fwctl/fwdv.c
diff -u src/usr.sbin/fwctl/fwdv.c:1.8 src/usr.sbin/fwctl/fwdv.c:1.9
--- src/usr.sbin/fwctl/fwdv.c:1.8	Sat Oct 19 17:06:57 2013
+++ src/usr.sbin/fwctl/fwdv.c	Thu Aug 10 20:49:20 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: fwdv.c,v 1.8 2013/10/19 17:06:57 christos Exp $	*/
+/*	$NetBSD: fwdv.c,v 1.9 2023/08/10 20:49:20 mrg Exp $	*/
 /*
  * Copyright (C) 2003
  * 	Hidetoshi Shimokawa. All rights reserved.
@@ -268,7 +268,15 @@ dvsend(int d, const char *filename, char
 	int lsystem=-1, pad_acc, cycle_acc, cycle, f_frac;
 	struct iovec wbuf[TNBUF*2 + NEMPTY];
 	char *pbuf;
-	uint32_t iso_data, iso_empty, hdr[TNBUF + NEMPTY][3];
+	uint32_t hdr[TNBUF + NEMPTY][3];
+	union {
+		uint32_t iso_empty;
+		struct fw_pkt pkt;
+	} empty_pkt;
+	union {
+		uint32_t iso_data;
+		struct fw_pkt pkt;
+	} data_pkt;
 	struct ciphdr *ciph;
 	struct timeval start, end;
 	double rtime;
@@ -297,18 +305,18 @@ dvsend(int d, const char *filename, char
 	if (ioctl(d, FW_STSTREAM, &isoreq) < 0)
 		err(EXIT_FAILURE, "%s: ioctl FW_STSTREAM", __func__);
 
-	iso_data = 0;
-	pkt = (struct fw_pkt *) &iso_data;
+	data_pkt.iso_data = 0;
+	pkt = &data_pkt.pkt;
 	pkt->mode.stream.len = DSIZE + sizeof(struct ciphdr);
 	pkt->mode.stream.sy = 0;
 	pkt->mode.stream.tcode = FWTCODE_STREAM;
 	pkt->mode.stream.chtag = ich;
-	iso_empty = iso_data;
-	pkt = (struct fw_pkt *) &iso_empty;
+	empty_pkt.iso_empty = data_pkt.iso_data;
+	pkt = &empty_pkt.pkt;
 	pkt->mode.stream.len = sizeof(struct ciphdr);
 
 	bzero(hdr[0], sizeof(hdr[0]));
-	hdr[0][0] = iso_data;
+	hdr[0][0] = data_pkt.iso_data;
 	ciph = (struct ciphdr *)&hdr[0][1];
 	ciph->src = 0;	 /* XXX */
 	ciph->len = 120;
@@ -388,13 +396,13 @@ next:
 		if (pad_acc >= pad_rate[lsystem].d) {
 			pad_acc -= pad_rate[lsystem].d;
 			bcopy(hdr[nhdr], hdr[nhdr+1], sizeof(hdr[0]));
-			hdr[nhdr][0] = iso_empty;
+			hdr[nhdr][0] = empty_pkt.iso_empty;
 			wbuf[vec].iov_base = (char *)hdr[nhdr];
 			wbuf[vec++].iov_len = sizeof(hdr[0]);
 			nhdr ++;
 			cycle ++;
 		}
-		hdr[nhdr][0] = iso_data;
+		hdr[nhdr][0] = data_pkt.iso_data;
 		wbuf[vec].iov_base = (char *)hdr[nhdr];
 		wbuf[vec++].iov_len = sizeof(hdr[0]);
 		wbuf[vec].iov_base = (char *)dv;

Reply via email to