alignment problem in monitor_fdpass.c

John Hay jhay at meraka.org.za
Wed Feb 20 20:31:42 EST 2008


Hi,

After FreeBSD changed from using -O2 to using -O on their ARM port, I
found that sshd stopped working. (gcc version 4.2.1 20070719  [FreeBSD])
I have downloaded openssh-SNAP-20080220.tar.gz and the code still looks
the same.

Anyway looking into it, I found that the problem is in monitor_fdpass.c
in the functions mm_send_fd and mm_receive_fd. Using -O2 used to align
the tmp array on a 4 byte boundary and using -O does not. On
architectures that do not like unaligned accesses this will break.

An extraction of mm_send_fd() looks something like this:

##############################
#include <sys/types.h>
#include <sys/socket.h>
#include <string.h>

struct msghdr msg;
char tmp[CMSG_SPACE(sizeof(int))];	/* plain char array: no alignment guarantee */
struct cmsghdr *cmsg;

memset(&msg, 0, sizeof(msg));
msg.msg_control = (caddr_t)tmp;
msg.msg_controllen = sizeof(tmp);
cmsg = CMSG_FIRSTHDR(&msg);		/* points at the start of tmp */
cmsg->cmsg_len = CMSG_LEN(sizeof(int));	/* bus error here if tmp is unaligned */
##############################

The bus error happens on the last line when a value is written into
cmsg_len.

In effect it does:

cmsg = tmp;
cmsg->cmsg_len = CMSG_LEN(sizeof(int));

So if tmp is not aligned, then cmsg is not either, and cmsg_len, which is
of type socklen_t (at least on FreeBSD), is right at the start of the
structure.

So which way is the best to fix it? One way is to add __aligned(4) to
the line where tmp is declared. Another is to put tmp and cmsg in a
union, which will also cause it to be aligned.

(I'm not on this list, so keep my address in please.)

John
-- 
John Hay -- John.Hay at meraka.csir.co.za / jhay at FreeBSD.org
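Added example, not code from the post or from OpenSSH: the union fix suggested above written out in C, next to the plain char array it replaces, with an alignment check that refuses a misaligned control buffer rather than performing the store into cmsg_len that faults on strict-alignment CPUs. The names cmsg_buf, cmsg_aligned, build_fd_cmsg and fd_roundtrip are hypothetical.

```c
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>

/* The union the post suggests: sharing storage with the header aligns the buffer. */
union cmsg_buf {
    struct cmsghdr hdr;
    char buf[CMSG_SPACE(sizeof(int))];
};

/* 1 if p can hold a struct cmsghdr without an unaligned access, else 0. */
int cmsg_aligned(const void *p)
{
    return ((uintptr_t)p % _Alignof(struct cmsghdr)) == 0;
}

/* Write an SCM_RIGHTS message carrying fd into the caller's control buffer.
 * Returns 1 on success, 0 if the buffer is misaligned (store refused). */
int build_fd_cmsg(void *control, size_t controllen, int fd)
{
    struct msghdr msg;
    struct cmsghdr *cmsg;
    if (!cmsg_aligned(control))
        return 0;
    memset(&msg, 0, sizeof(msg));
    msg.msg_control = control;
    msg.msg_controllen = controllen;
    if ((cmsg = CMSG_FIRSTHDR(&msg)) == NULL)
        return 0;
    cmsg->cmsg_len = CMSG_LEN(sizeof(int));
    cmsg->cmsg_level = SOL_SOCKET;
    cmsg->cmsg_type = SCM_RIGHTS;
    memcpy(CMSG_DATA(cmsg), &fd, sizeof(int));
    return 1;
}

/* Round trip fd: use_union selects the union-backed buffer, otherwise a plain
 * char array deliberately shifted one byte. Returns the fd read back, or -1. */
int fd_roundtrip(int fd, int use_union)
{
    union cmsg_buf u;
    char raw[CMSG_SPACE(sizeof(int)) + 1];
    char *p = use_union ? u.buf : raw + (cmsg_aligned(raw) ? 1 : 0);
    int out;
    if (!build_fd_cmsg(p, CMSG_SPACE(sizeof(int)), fd))
        return -1;
    memcpy(&out, CMSG_DATA((struct cmsghdr *)p), sizeof(int));
    return out;
}
```

With -O the plain array in the post's snippet may land on any byte address; the union carries the header's alignment regardless of optimisation level.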