From dc240913458d591f59b52b3899d3fc3c5d6ec6ce Mon Sep 17 00:00:00 2001
From: Matt Turner <mattst88@gmail.com>
Date: Wed, 17 Oct 2018 12:32:54 -0700
Subject: src: Use memcpy() to handle potentially unaligned data

Rolf Eike Beer <eike@sf-mail.de> reported that nft-expr_quota-test fails
with a SIGBUS on SPARC due to unaligned accesses. This patch resolves
that and fixes additional sources of unaligned accesses matching the
same pattern. Both nft-expr_quota-test and nft-expr_objref-test
generated unaligned accesses on DEC Alpha.

Bug: https://bugs.gentoo.org/666448
Signed-off-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/obj/counter.c    |  4 ++--
 src/obj/ct_helper.c  |  4 ++--
 src/obj/ct_timeout.c |  4 ++--
 src/obj/limit.c      | 10 +++++-----
 src/obj/quota.c      |  6 +++---
 src/obj/tunnel.c     | 28 ++++++++++++++--------------
 6 files changed, 28 insertions(+), 28 deletions(-)

(limited to 'src/obj')

diff --git a/src/obj/counter.c b/src/obj/counter.c
index 23b60c5..1baba4e 100644
--- a/src/obj/counter.c
+++ b/src/obj/counter.c
@@ -29,10 +29,10 @@ nftnl_obj_counter_set(struct nftnl_obj *e, uint16_t type,
 
 	switch(type) {
 	case NFTNL_OBJ_CTR_BYTES:
-		ctr->bytes = *((uint64_t *)data);
+		memcpy(&ctr->bytes, data, sizeof(ctr->bytes));
 		break;
 	case NFTNL_OBJ_CTR_PKTS:
-		ctr->pkts = *((uint64_t *)data);
+		memcpy(&ctr->pkts, data, sizeof(ctr->pkts));
 		break;
 	default:
 		return -1;
diff --git a/src/obj/ct_helper.c b/src/obj/ct_helper.c
index 5a689b1..d91f636 100644
--- a/src/obj/ct_helper.c
+++ b/src/obj/ct_helper.c
@@ -32,10 +32,10 @@ static int nftnl_obj_ct_helper_set(struct nftnl_obj *e, uint16_t type,
 		snprintf(helper->name, sizeof(helper->name), "%s", (const char *)data);
 		break;
 	case NFTNL_OBJ_CT_HELPER_L3PROTO:
-		helper->l3proto = *((uint16_t *)data);
+		memcpy(&helper->l3proto, data, sizeof(helper->l3proto));
 		break;
 	case NFTNL_OBJ_CT_HELPER_L4PROTO:
-		helper->l4proto = *((uint8_t *)data);
+		memcpy(&helper->l4proto, data, sizeof(helper->l4proto));
 		break;
 	default:
 		return -1;
diff --git a/src/obj/ct_timeout.c b/src/obj/ct_timeout.c
index 12c8f5f..e2e9991 100644
--- a/src/obj/ct_timeout.c
+++ b/src/obj/ct_timeout.c
@@ -148,10 +148,10 @@ static int nftnl_obj_ct_timeout_set(struct nftnl_obj *e, uint16_t type,
 
 	switch (type) {
 	case NFTNL_OBJ_CT_TIMEOUT_L3PROTO:
-		timeout->l3proto = *((uint16_t *)data);
+		memcpy(&timeout->l3proto, data, sizeof(timeout->l3proto));
 		break;
 	case NFTNL_OBJ_CT_TIMEOUT_L4PROTO:
-		timeout->l4proto = *((uint8_t *)data);
+		memcpy(&timeout->l4proto, data, sizeof(timeout->l4proto));
 		break;
 	case NFTNL_OBJ_CT_TIMEOUT_ARRAY:
 		memcpy(timeout->timeout, data,
diff --git a/src/obj/limit.c b/src/obj/limit.c
index b0ed4c8..60b0159 100644
--- a/src/obj/limit.c
+++ b/src/obj/limit.c
@@ -28,19 +28,19 @@ static int nftnl_obj_limit_set(struct nftnl_obj *e, uint16_t type,
 
 	switch (type) {
 	case NFTNL_OBJ_LIMIT_RATE:
-		limit->rate = *((uint64_t *)data);
+		memcpy(&limit->rate, data, sizeof(limit->rate));
 		break;
 	case NFTNL_OBJ_LIMIT_UNIT:
-		limit->unit = *((uint64_t *)data);
+		memcpy(&limit->unit, data, sizeof(limit->unit));
 		break;
 	case NFTNL_OBJ_LIMIT_BURST:
-		limit->burst = *((uint32_t *)data);
+		memcpy(&limit->burst, data, sizeof(limit->burst));
 		break;
 	case NFTNL_OBJ_LIMIT_TYPE:
-		limit->type = *((uint32_t *)data);
+		memcpy(&limit->type, data, sizeof(limit->type));
 		break;
 	case NFTNL_OBJ_LIMIT_FLAGS:
-		limit->flags = *((uint32_t *)data);
+		memcpy(&limit->flags, data, sizeof(limit->flags));
 		break;
 	default:
 		return -1;
diff --git a/src/obj/quota.c b/src/obj/quota.c
index b1a3f7e..1914037 100644
--- a/src/obj/quota.c
+++ b/src/obj/quota.c
@@ -28,13 +28,13 @@ static int nftnl_obj_quota_set(struct nftnl_obj *e, uint16_t type,
 
 	switch (type) {
 	case NFTNL_OBJ_QUOTA_BYTES:
-		quota->bytes = *((uint64_t *)data);
+		memcpy(&quota->bytes, data, sizeof(quota->bytes));
 		break;
 	case NFTNL_OBJ_QUOTA_CONSUMED:
-		quota->consumed = *((uint64_t *)data);
+		memcpy(&quota->consumed, data, sizeof(quota->consumed));
 		break;
 	case NFTNL_OBJ_QUOTA_FLAGS:
-		quota->flags = *((uint32_t *)data);
+		memcpy(&quota->flags, data, sizeof(quota->flags));
 		break;
 	default:
 		return -1;
diff --git a/src/obj/tunnel.c b/src/obj/tunnel.c
index 5b2d9de..7ffade8 100644
--- a/src/obj/tunnel.c
+++ b/src/obj/tunnel.c
@@ -29,13 +29,13 @@ nftnl_obj_tunnel_set(struct nftnl_obj *e, uint16_t type,
 
 	switch (type) {
 	case NFTNL_OBJ_TUNNEL_ID:
-		tun->id = *((uint32_t *)data);
+		memcpy(&tun->id, data, sizeof(tun->id));
 		break;
 	case NFTNL_OBJ_TUNNEL_IPV4_SRC:
-		tun->src_v4 = *((uint32_t *)data);
+		memcpy(&tun->src_v4, data, sizeof(tun->src_v4));
 		break;
 	case NFTNL_OBJ_TUNNEL_IPV4_DST:
-		tun->dst_v4 = *((uint32_t *)data);
+		memcpy(&tun->dst_v4, data, sizeof(tun->dst_v4));
 		break;
 	case NFTNL_OBJ_TUNNEL_IPV6_SRC:
 		memcpy(&tun->src_v6, data, sizeof(struct in6_addr));
@@ -44,37 +44,37 @@ nftnl_obj_tunnel_set(struct nftnl_obj *e, uint16_t type,
 		memcpy(&tun->dst_v6, data, sizeof(struct in6_addr));
 		break;
 	case NFTNL_OBJ_TUNNEL_IPV6_FLOWLABEL:
-		tun->flowlabel = (*(uint32_t *)data);
+		memcpy(&tun->flowlabel, data, sizeof(tun->flowlabel));
 		break;
 	case NFTNL_OBJ_TUNNEL_SPORT:
-		tun->sport = (*(uint16_t *)data);
+		memcpy(&tun->sport, data, sizeof(tun->sport));
 		break;
 	case NFTNL_OBJ_TUNNEL_DPORT:
-		tun->dport = (*(uint16_t *)data);
+		memcpy(&tun->dport, data, sizeof(tun->dport));
 		break;
 	case NFTNL_OBJ_TUNNEL_FLAGS:
-		tun->tun_flags = (*(uint32_t *)data);
+		memcpy(&tun->tun_flags, data, sizeof(tun->tun_flags));
 		break;
 	case NFTNL_OBJ_TUNNEL_TOS:
-		tun->tun_tos = (*(uint8_t *)data);
+		memcpy(&tun->tun_tos, data, sizeof(tun->tun_tos));
 		break;
 	case NFTNL_OBJ_TUNNEL_TTL:
-		tun->tun_ttl = (*(uint8_t *)data);
+		memcpy(&tun->tun_ttl, data, sizeof(tun->tun_ttl));
 		break;
 	case NFTNL_OBJ_TUNNEL_VXLAN_GBP:
-		tun->u.tun_vxlan.gbp = (*(uint32_t *)data);
+		memcpy(&tun->u.tun_vxlan.gbp, data, sizeof(tun->u.tun_vxlan.gbp));
 		break;
 	case NFTNL_OBJ_TUNNEL_ERSPAN_VERSION:
-		tun->u.tun_erspan.version = (*(uint32_t *)data);
+		memcpy(&tun->u.tun_erspan.version, data, sizeof(tun->u.tun_erspan.version));
 		break;
 	case NFTNL_OBJ_TUNNEL_ERSPAN_V1_INDEX:
-		tun->u.tun_erspan.u.v1_index = (*(uint32_t *)data);
+		memcpy(&tun->u.tun_erspan.u.v1_index, data, sizeof(tun->u.tun_erspan.u.v1_index));
 		break;
 	case NFTNL_OBJ_TUNNEL_ERSPAN_V2_HWID:
-		tun->u.tun_erspan.u.v2.hwid = (*(uint8_t *)data);
+		memcpy(&tun->u.tun_erspan.u.v2.hwid, data, sizeof(tun->u.tun_erspan.u.v2.hwid));
 		break;
 	case NFTNL_OBJ_TUNNEL_ERSPAN_V2_DIR:
-		tun->u.tun_erspan.u.v2.dir = (*(uint8_t *)data);
+		memcpy(&tun->u.tun_erspan.u.v2.dir, data, sizeof(tun->u.tun_erspan.u.v2.dir));
 		break;
 	default:
 		return -1;
-- 
cgit v1.2.3