0002-Avoid-pointer-arithmetic-on-void.patch (5286B)
1 From 1bd3c3baab04866e76014412c839e3f954485207 Mon Sep 17 00:00:00 2001
2 From: Michael Forney <mforney@mforney.org>
3 Date: Sun, 7 Jul 2019 21:25:13 -0700
4 Subject: [PATCH] Avoid pointer arithmetic on `void *`
5
6 ---
7 src/netlink_smc_diag.c | 4 ++--
8 src/print_timespec.h | 6 ++++--
9 src/sockaddr.c | 6 +++---
10 src/tee.c | 2 +-
11 src/ucopy.c | 12 ++++++------
12 5 files changed, 16 insertions(+), 14 deletions(-)
13
14 diff --git a/src/netlink_smc_diag.c b/src/netlink_smc_diag.c
15 index 74e78b966..c3a28a839 100644
16 --- a/src/netlink_smc_diag.c
17 +++ b/src/netlink_smc_diag.c
18 @@ -42,7 +42,7 @@ DECL_NETLINK_DIAG_DECODER(decode_smc_diag_req)
19 if (len >= sizeof(req)) {
20 if (!umoven_or_printaddr(tcp, addr + offset,
21 sizeof(req) - offset,
22 - (void *) &req + offset)) {
23 + (char *) &req + offset)) {
24 PRINT_FIELD_FLAGS(req, diag_ext,
25 smc_diag_extended_flags,
26 "1<<SMC_DIAG_\?\?\?-1");
27 @@ -261,7 +261,7 @@ DECL_NETLINK_DIAG_DECODER(decode_smc_diag_msg)
28 if (len >= sizeof(msg)) {
29 if (!umoven_or_printaddr(tcp, addr + offset,
30 sizeof(msg) - offset,
31 - (void *) &msg + offset)) {
32 + (char *) &msg + offset)) {
33 PRINT_FIELD_XVAL(msg, diag_state,
34 smc_states, "SMC_???");
35 tprint_struct_next();
36 diff --git a/src/print_timespec.h b/src/print_timespec.h
37 index dc5f9d10c..87f7ff973 100644
38 --- a/src/print_timespec.h
39 +++ b/src/print_timespec.h
40 @@ -66,6 +66,8 @@ bool
41 PRINT_TIMESPEC_ARRAY_DATA_SIZE(const void *arg, const unsigned int nmemb,
42 const size_t size)
43 {
44 + const char *ts = arg;
45 +
46 if (nmemb > size / sizeof(TIMESPEC_T)) {
47 tprint_unavailable();
48 return false;
49
@@ -73,10 +75,10 @@ PRINT_TIMESPEC_ARRAY_DATA_SIZE(const void *arg, const unsigned int nmemb,
50
51 tprint_array_begin();
52
53 - for (unsigned int i = 0; i < nmemb; i++, arg += sizeof(TIMESPEC_T)) {
54 + for (unsigned int i = 0; i < nmemb; i++, ts += sizeof(TIMESPEC_T)) {
55 if (i)
56 tprint_array_next();
57 - print_unaligned_timespec_t(arg);
58 + print_unaligned_timespec_t(ts);
59 }
60
61 tprint_array_end();
62 diff --git a/src/sockaddr.c b/src/sockaddr.c
63 index 874821c60..98220288d 100644
64 --- a/src/sockaddr.c
65 +++ b/src/sockaddr.c
66 @@ -605,7 +605,7 @@ print_sockaddr_data_tipc(struct tcb *tcp, const void *const buf,
67 tprint_struct_next();
68 tprints_field_name("addr");
69
70 - const void *const addr_buf = buf + offsetof(struct sockaddr_tipc, addr);
71 + const void *const addr_buf = (char *)buf + offsetof(struct sockaddr_tipc, addr);
72 const int addr_len = sizeof(struct sockaddr_tipc) - offsetof(struct sockaddr_tipc, addr);
73
74 switch (sa->addrtype) {
75 @@ -657,7 +657,7 @@ print_sockaddr_data_tipc(struct tcb *tcp, const void *const buf,
76 static void
77 print_sockaddr_data_raw(const void *const buf, const int addrlen)
78 {
79 - const char *const data = buf + SIZEOF_SA_FAMILY;
80 + const char *const data = (const char *)buf + SIZEOF_SA_FAMILY;
81 const int datalen = addrlen - SIZEOF_SA_FAMILY;
82
83 tprints_field_name("sa_data");
84 @@ -854,7 +854,7 @@ print_sockaddr_data_rxrpc(struct tcb *tcp, const void *const buf,
85 tprints_field_name("transport");
86 tprint_struct_begin();
87
88 - const void *const transport_buf = (void *) &sa->transport
89 + const void *const transport_buf = (char *) &sa->transport
90 + sizeof(sa->transport.family);
91 const int transport_len = MIN(sa->transport_len,
92 len - offsetof(struct sockaddr_rxrpc,
93 diff --git a/src/tee.c b/src/tee.c
94 index 08754212a..dca390adb 100644
95 --- a/src/tee.c
96 +++ b/src/tee.c
97
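Review bot: In the print_sockaddr_data_tipc hunk of src/sockaddr.c, the new cast `(char *)buf` drops the `const` qualifier from `buf`, which the hunk header shows as `const void *const buf`; builds with `-Wcast-qual` will warn, and the print_sockaddr_data_raw hunk right below already uses the const-preserving form. I would write `const void *const addr_buf = (const char *) buf + offsetof(struct sockaddr_tipc, addr);`. The print_sockaddr_data_rxrpc hunk's `(char *) &sa->transport` probably has the same issue if `sa` points to const data, but its declaration is outside the hunk. All three function bodies start or end outside their hunks.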
@@ -56,7 +56,7 @@ tee_fetch_buf_data(struct tcb *const tcp,
98 tee_print_buf(buf);
99 return RVAL_IOCTL_DECODED;
100 }
101 - uint32_t *num_params = (uint32_t *) (arg_struct + num_params_offs);
102 + uint32_t *num_params = (uint32_t *) ((char *)arg_struct + num_params_offs);
103 if (entering(tcp) &&
104 (arg_size + TEE_IOCTL_PARAM_SIZE(*num_params) != buf->buf_len)) {
105 /*
106 diff --git a/src/ucopy.c b/src/ucopy.c
107 index b4e746b0b..007b5373e 100644
108 --- a/src/ucopy.c
109 +++ b/src/ucopy.c
110 @@ -186,7 +186,7 @@ vm_read_mem(const pid_t pid, void *laddr,
111 break;
112
113 len = next_len;
114 - laddr += copy_len;
115 + laddr = (char *)laddr + copy_len;
116 page_start += page_size;
117 taddr = page_start;
118 }
119 @@ -282,7 +282,7 @@ umoven_peekdata(const int pid, kernel_ulong_t addr, unsigned int len,
120 memcpy(laddr, &u.data[residue], m);
121 residue = 0;
122 addr += sizeof(long);
123 - laddr += m;
124 + laddr = (char *)laddr + m;
125 nread += m;
126 len -= m;
127 }
128 @@ -378,10 +378,10 @@ umovestr_peekdata(const int pid, kernel_ulong_t addr, unsigned int len,
129 memcpy(laddr, &u.data[residue], m);
130 while (residue < sizeof(long))
131 if (u.data[residue++] == '\0')
132 - return (laddr - orig_addr) + residue;
133 + return nread + residue;
134 residue = 0;
135 addr += sizeof(long);
136 - laddr += m;
137 + laddr = (char *)laddr + m;
138 nread += m;
139 len -= m;
140 }
141 @@ -502,7 +502,7 @@ upoken_pokedata(const int pid, kernel_ulong_t addr, unsigned int len,
142
143 addr += sizeof(long);
144 nwritten += npoke;
145 - our_addr += npoke;
146 + our_addr = (char *)our_addr + npoke;
147 len -= npoke;
148 }
149
150 @@ -515,7 +515,7 @@ upoken_pokedata(const int pid, kernel_ulong_t addr, unsigned int len,
151
152 addr += sizeof(long);
153 nwritten += sizeof(long);
154 - our_addr += sizeof(long);
155 + our_addr = (char *)our_addr + sizeof(long);
156 len -= sizeof(long);
157 }
158
159 --
160 2.49.0
161
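Review bot: The rewritten `num_params` line in src/tee.c still produces a `uint32_t *` from a byte offset and dereferences it on the next line, so the address must be 4-byte aligned and lie inside the fetched structure; neither is established within this hunk. If callers always pass the offset of a `uint32_t` member, a comment above the line such as `/* num_params_offs is the offset of a uint32_t member of the ioctl argument struct */` would record that invariant. If it cannot be guaranteed, copy the value out with `memcpy` into a local `uint32_t` before it reaches `TEE_IOCTL_PARAM_SIZE()`. The declaration of `arg_struct` and any earlier size checks are outside the hunk, as is the rest of tee_fetch_buf_data.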
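Review bot: In the umovestr_peekdata hunk of src/ucopy.c, replacing `(laddr - orig_addr) + residue` with `nread + residue` is a logic substitution rather than a cast fix, and it is only equivalent while `nread` and `laddr` advance in lockstep, as they do on the visible lines (`laddr = (char *)laddr + m;` followed by `nread += m;`). A short comment on the return, e.g. `/* nread is the offset of laddr from the start of the buffer */`, would keep that coupling explicit for later edits. If `orig_addr` has no other use, its declaration is now dead and may trip `-Wunused-variable`; the declaration lies outside the hunk, so this needs checking against the full function.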