From 32641ce15e4e18196fa63a307e1f56a11e6095e4 Mon Sep 17 00:00:00 2001
From: Miao-chen Chou
Date: Wed, 21 Dec 2016 16:12:33 -0800
Subject: [PATCH] monitor/rfcomm: Fix a potential memory access issue for compatibility with LLVM

This patch removes "packed" attribute from the definition of struct rfcomm_rpn to prevent the access to an unaligned struct member in mmc_rpn(). This patch also introduces a temp variable in mcc_pn() to prevent unaligned access without touching the definition of struct rfcomm_pn, since struct rfcomm_pn is used as a PDU.

error messages from LLVM build:
monitor/rfcomm.c:238:36: error: taking address of packed member 'pm' of class or structure 'rfcomm_rpn' may result in an unaligned pointer value [-Werror,-Waddress-of-packed-member]
if (!l2cap_frame_get_le16(frame, &rpn.pm))
monitor/rfcomm.c:287:36: error: taking address of packed member 'mtu' of class or structure 'rfcomm_pn' may result in an unaligned pointer value [-Werror,-Waddress-of-packed-member]
if (!l2cap_frame_get_le16(frame, &pn.mtu))

Currently there is no corresponding flag in GCC to generate the same error messages. See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=51628.
---
 monitor/rfcomm.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/monitor/rfcomm.c b/monitor/rfcomm.c
index cae6b2c0b..742bd7f46 100644
--- a/monitor/rfcomm.c
+++ b/monitor/rfcomm.c
@@ -265,6 +265,7 @@ static inline bool mcc_pn(struct rfcomm_frame *rfcomm_frame, uint8_t indent)
 {
 	struct l2cap_frame *frame = &rfcomm_frame->l2cap_frame;
 	struct rfcomm_pn pn;
+	uint16_t mtu;
 
 	/* rfcomm_pn struct is defined in rfcomm.h */
 
@@ -284,9 +285,11 @@ static inline bool mcc_pn(struct rfcomm_frame *rfcomm_frame, uint8_t indent)
 	if (!l2cap_frame_get_u8(frame, &pn.ack_timer))
 		return false;
 
-	if (!l2cap_frame_get_le16(frame, &pn.mtu))
+	if (!l2cap_frame_get_le16(frame, &mtu))
 		return false;
 
+	pn.mtu = mtu;
+
 	if (!l2cap_frame_get_u8(frame, &pn.max_retrans))
 		return false;
 
-- 
2.47.3
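Review bot: The new `uint16_t mtu;` local in mcc_pn carries no hint of why it exists, so a later cleanup pass could fold `l2cap_frame_get_le16(frame, &mtu)` back into a direct read of `pn.mtu` and reintroduce the unaligned-pointer error; a comment at the declaration would pin the intent, e.g. `/* read into an aligned temp: &pn.mtu is an unaligned pointer because rfcomm_pn is packed (it is the PDU layout) */`. The commit message also describes dropping the packed attribute from struct rfcomm_rpn for the mcc_rpn case, but the diffstat (`1 file changed, 4 insertions(+), 1 deletion(-)`) accounts for exactly the mcc_pn lines shown in the two hunks, so that part appears to be absent from this patch and the monitor/rfcomm.c:238 error it cites would presumably still fire under -Werror. mcc_pn begins before the first hunk and continues past the second.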