[openssl] master update

patrick.steuer at de.ibm.com patrick.steuer at de.ibm.com
Sat Nov 9 23:35:47 UTC 2019 

The branch master has been updated
       via  287e1a7eac1330f0e0e4fc443f9f762835246e9e (commit)
      from  fd4a6e7d1e51ad53f70ae75317da36418cae6458 (commit)


- Log -----------------------------------------------------------------
commit 287e1a7eac1330f0e0e4fc443f9f762835246e9e
Author: Patrick Steuer <patrick.steuer at de.ibm.com>
Date:   Sat Nov 2 16:31:28 2019 +0100

    bss_dgram.c: fix unaligned access
    
    char (alignment 1) casted to union sctp_notification (alignment > 1).
    
    Fixes: #9538
    
    Signed-off-by: Patrick Steuer <patrick.steuer at de.ibm.com>
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/10336)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bio/bss_dgram.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index ff961450dd..fc17c9ed4d 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -1009,7 +1009,6 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
     int ret = 0, n = 0, i, optval;
     socklen_t optlen;
     bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-    union sctp_notification *snp;
     struct msghdr msg;
     struct iovec iov;
     struct cmsghdr *cmsg;
@@ -1075,8 +1074,10 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
             }
 
             if (msg.msg_flags & MSG_NOTIFICATION) {
-                snp = (union sctp_notification *)out;
-                if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+                union sctp_notification snp;
+
+                memcpy(&snp, out, sizeof(snp));
+                if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
 #  ifdef SCTP_EVENT
                     struct sctp_event event;
 #  else
@@ -1116,17 +1117,19 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
 #  endif
                 }
 #  ifdef SCTP_AUTHENTICATION_EVENT
-                if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
-                    dgram_sctp_handle_auth_free_key_event(b, snp);
+                if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+                    dgram_sctp_handle_auth_free_key_event(b, &snp);
 #  endif
 
                 if (data->handle_notifications != NULL)
                     data->handle_notifications(b, data->notification_context,
                                                (void *)out);
 
+                memset(&snp, 0, sizeof(snp));
                 memset(out, 0, outl);
-            } else
+            } else {
                 ret += n;
+            }
         }
         while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
                && (ret < outl));

More information about the openssl-commits mailing list