![[RTEMS Logo]](/images/logo.png){kind=logo}
Opened on 02/03/15 at 20:26:58
Closed on 02/23/15 at 17:28:51
#2248 closed defect (fixed)
misaligned pointer dereference in clnt_udp.c line 363
| Reported by: | Jeffrey Hill | Owned by: | Jeffrey Hill <johill@…> |
|---|---|---|---|
| Priority: | normal | Milestone: | 4.11 |
| Component: | score | Version: | 4.10 |
| Severity: | normal | Keywords: | |
| Cc: | Blocked By: | ||
| Blocking: |
Description
We see a misaligned pointer address violation at clnt_udp.c 363. Perhaps no one is hosting udp sun rpc services on RTEMS recently?
This patch fixes the previous revision on the following source file which was probably installed to fix a gcc aliasing warning.
cpukit/librpc/src/rpc/clnt_udp.c
@@ -89,13 +89,13 @@ struct cu_data {
u_int cu_xdrpos;
u_int cu_sendsz; /* send size */
union {
- u_int32_t *i32;
+ u_int32_t *pi32;
char *c;
} _cu_outbuf;
#define cu_outbuf _cu_outbuf.c
u_int cu_recvsz; /* recv size */
union {
- u_int32_t * i32;
+ u_int32_t i32;
char c[1];
} _cu_inbuf;
#define cu_inbuf _cu_inbuf.c
@@ -360,7 +360,7 @@ send_again:
if (inlen < sizeof(u_int32_t))
continue;
/* see if reply transaction id matches sent id */
- if (*(cu->_cu_inbuf.i32) != *(cu->_cu_outbuf.i32))
+ if ( cu->_cu_inbuf.i32 != *cu->_cu_outbuf.pi32 )
continue;
/* we now assume we have the proper reply */
break;
Attachments (1)
Change History (3)
Changed on 02/03/15 at 20:31:35 by Jeffrey Hill
| Attachment: | clnt_udp_bug.txt added |
|---|
comment:1 Changed on 02/23/15 at 17:27:55 by Jeffrey Hill <johill@…>
comment:2 Changed on 02/23/15 at 17:28:51 by Jeffrey Hill <johill@…>
| Owner: | set to Jeffrey Hill <johill@…> |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
diffs and bug details