Bug 98035 - ubsan: misaligned access originating in dbus_message_set_reply_serial()
Summary: ubsan: misaligned access originating in dbus_message_set_reply_serial()
Status: RESOLVED FIXED
Alias: None
Product: dbus
Classification: Unclassified
Component: core (show other bugs)
Version: git master
Hardware: Other All
: medium normal
Assignee: D-Bus Maintainers
QA Contact: D-Bus Maintainers
URL:
Whiteboard: review+
Keywords: patch
Depends on:
Blocks:
 
Reported: 2016-10-03 21:02 UTC by Marc Mutz
Modified: 2016-10-04 19:09 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments
Git commit fixing the issue. (2.38 KB, patch)
2016-10-03 21:02 UTC, Marc Mutz
Details | Splinter Review
Revised version (2.53 KB, patch)
2016-10-03 21:05 UTC, Marc Mutz
Details | Splinter Review

Note You need to log in before you can comment on or make changes to this bug.
Description Marc Mutz 2016-10-03 21:02:32 UTC
Created attachment 126981 [details] [review]
Git commit fixing the issue.

UBSan report:

  dbus/dbus/dbus-marshal-basic.c:832:14: runtime error: member access within misaligned address 0x7fdb8dac3a04 for type 'const union DBusBasicValue', which requires 8 byte alignment
  0x7fdb8dac3a04: note: pointer points here
    4a 87 b5 71 01 00 00 00  40 7d 01 00 00 61 00 00  10 3b ac 8d db 7f 00 00  2c 2a 3e 94 db 7f 00 00
                ^
    #0 0x7fdb9444a2c3 in _dbus_marshal_write_basic dbus/dbus/dbus-marshal-basic.c:832
    #1 0x7fdb943d22fb in _dbus_type_writer_write_basic_no_typecode dbus/dbus/dbus-marshal-recursive.c:1605
    #2 0x7fdb943d64e9 in _dbus_type_writer_write_basic dbus/dbus/dbus-marshal-recursive.c:2327
    #3 0x7fdb943c52a6 in write_basic_field dbus/dbus/dbus-marshal-header.c:318
    #4 0x7fdb943c919e in _dbus_header_set_field_basic dbus/dbus/dbus-marshal-header.c:1321
    #5 0x7fdb943e1349 in dbus_message_set_reply_serial dbus/dbus/dbus-message.c:1173

The 'value' parameter to _dbus_header_set_field_basic() is the address of a uint32, which has alignment 4, whereas the union type DBusBasicValue has alignment 8 on 64-bit machines.

Fix attached.
Comment 1 Marc Mutz 2016-10-03 21:05:35 UTC
Created attachment 126982 [details] [review]
Revised version
Comment 2 Simon McVittie 2016-10-04 10:24:29 UTC
Looks good, testing now.
Comment 3 Simon McVittie 2016-10-04 19:09:22 UTC
Fixed in git for 1.10.12 and 1.11.6, thanks!


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.