On Mon, Nov 11, 2013 at 11:11:56PM +0100, Mark Kettenis wrote: > From: Mark Kettenis <kette...@openbsd.org> > > A char array on the stack is not guaranteed to have more than byte alignment. > This means that casting it to a 'struct cmsghdr' and accessing its members > may result in unaligned access. This will generate SIGBUS on struct > alignment architectures like OpenBSD/sparc64. The canonical solution is to > use a union to force proper alignment. > > Signed-off-by: Mark Kettenis <kette...@openbsd.org>
Reviewed-by: Matthieu Herrb <matth...@herrb.eu> > --- > src/xcb_conn.c | 7 +++++-- > src/xcb_in.c | 7 +++++-- > 2 files changed, 10 insertions(+), 4 deletions(-) > > diff --git a/src/xcb_conn.c b/src/xcb_conn.c > index 50e7fb6..46390e1 100644 > --- a/src/xcb_conn.c > +++ b/src/xcb_conn.c > @@ -216,13 +216,16 @@ static int write_vec(xcb_connection_t *c, struct iovec > **vector, int *count) > > #if HAVE_SENDMSG > if (c->out.out_fd.nfd) { > - char cmsgbuf[CMSG_SPACE(sizeof(int) * XCB_MAX_PASS_FD)]; > + union { > + struct cmsghdr cmsghdr; > + char buf[CMSG_SPACE(XCB_MAX_PASS_FD * sizeof(int))]; > + } cmsgbuf; > struct msghdr msg = { > .msg_name = NULL, > .msg_namelen = 0, > .msg_iov = *vector, > .msg_iovlen = n, > - .msg_control = cmsgbuf, > + .msg_control = cmsgbuf.buf, > .msg_controllen = CMSG_LEN(c->out.out_fd.nfd * sizeof (int)), > }; > int i; > diff --git a/src/xcb_in.c b/src/xcb_in.c > index 8c3a58c..fd6c2ef 100644 > --- a/src/xcb_in.c > +++ b/src/xcb_in.c > @@ -888,13 +888,16 @@ int _xcb_in_read(xcb_connection_t *c) > .iov_base = c->in.queue + c->in.queue_len, > .iov_len = sizeof(c->in.queue) - c->in.queue_len, > }; > - char cmsgbuf[CMSG_SPACE(sizeof(int) * XCB_MAX_PASS_FD)]; > + union { > + struct cmsghdr cmsghdr; > + char buf[CMSG_SPACE(XCB_MAX_PASS_FD * sizeof(int))]; > + } cmsgbuf; > struct msghdr msg = { > .msg_name = NULL, > .msg_namelen = 0, > .msg_iov = &iov, > .msg_iovlen = 1, > - .msg_control = cmsgbuf, > + .msg_control = cmsgbuf.buf, > .msg_controllen = CMSG_SPACE(sizeof(int) * (XCB_MAX_PASS_FD - > c->in.in_fd.nfd)), > }; > n = recvmsg(c->fd, &msg, 0); > -- > 1.8.4.2 > > _______________________________________________ > Xcb mailing list > x...@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/xcb -- Matthieu Herrb _______________________________________________ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel