From 382eb9dcf2326b8d9fbd29486fa5cb95a7b98d40 Mon Sep 17 00:00:00 2001
From: Christopher Chavez
Date: Fri, 12 May 2023 11:37:11 -0500
Subject: [PATCH 1/3] gh-104432: Use memcpy() to avoid misaligned loads
---
 Modules/grpmodule.c | 9 +++++++--
 Modules/socketmodule.c | 20 +++++++++++++++-----
 2 files changed, 22 insertions(+), 7 deletions(-)
diff --git a/Modules/grpmodule.c b/Modules/grpmodule.c
index 57cdde6064c24e..9586990328e0ff 100644
--- a/Modules/grpmodule.c
+++ b/Modules/grpmodule.c
@@ -65,8 +65,13 @@ mkgrent(PyObject *module, struct group *p)
 Py_DECREF(v);
 return NULL;
 }
- for (member = p->gr_mem; *member != NULL; member++) {
- PyObject *x = PyUnicode_DecodeFSDefault(*member);
+ for (member = p->gr_mem; ; member++) {
+ char *s;
+ memcpy(&s, member, sizeof(s)); // member can be misaligned
+ if (s == NULL) {
+ break;
+ }
+ PyObject *x = PyUnicode_DecodeFSDefault(s);
 if (x == NULL || PyList_Append(w, x) != 0) {
 Py_XDECREF(x);
 Py_DECREF(w);
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
index c11fb4400eab2f..e23b73dfda5729 100644
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -5787,9 +5787,14 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 /* SF #1511317: h_aliases can be NULL */
 if (h->h_aliases) {
- for (pch = h->h_aliases; *pch != NULL; pch++) {
+ for (pch = h->h_aliases; ; pch++) {
 int status;
- tmp = PyUnicode_FromString(*pch);
+ char *s;
+ memcpy(&s, pch, sizeof(s)); // pch can be misaligned
+ if (s == NULL) {
+ break;
+ }
+ tmp = PyUnicode_FromString(s);
 if (tmp == NULL)
 goto err;
@@ -5801,8 +5806,13 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 }
 }
- for (pch = h->h_addr_list; *pch != NULL; pch++) {
+ for (pch = h->h_addr_list; ; pch++) {
 int status;
+ char *s;
+ memcpy(&s, pch, sizeof(s)); // pch can be misaligned
+ if (s == NULL) {
+ break;
+ }
 switch (af) {
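Review bot: The new comment `// member can be misaligned` in mkgrent's loop names the hazard but not its source, so a later cleanup could fold the memcpy() back into `*member` and reintroduce the unaligned load. I would state the contract instead, e.g. `// gr_mem comes from the C library and its char * slots are not guaranteed to be pointer-aligned; copy each slot out with memcpy() rather than dereferencing member`. The same applies to the two `// pch can be misaligned` comments in gethost_common in Modules/socketmodule.c. With the loop condition removed, the `s == NULL` break is now the only exit from each of these loops, which is worth saying in the same comment. mkgrent's body starts and ends outside the hunk.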
@@ -5814,7 +5824,7 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 #ifdef HAVE_SOCKADDR_SA_LEN
 sin.sin_len = sizeof(sin);
 #endif
- memcpy(&sin.sin_addr, *pch, sizeof(sin.sin_addr));
+ memcpy(&sin.sin_addr, s, sizeof(sin.sin_addr));
 tmp = make_ipv4_addr(&sin);
 if (pch == h->h_addr_list && alen >= sizeof(sin))
@@ -5831,7 +5841,7 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 #ifdef HAVE_SOCKADDR_SA_LEN
 sin6.sin6_len = sizeof(sin6);
 #endif
- memcpy(&sin6.sin6_addr, *pch, sizeof(sin6.sin6_addr));
+ memcpy(&sin6.sin6_addr, s, sizeof(sin6.sin6_addr));
 tmp = make_ipv6_addr(&sin6);
 if (pch == h->h_addr_list && alen >= sizeof(sin6))
From f59d0be8b2ac2d0bce1ccfe04db79ecbe5236d42 Mon Sep 17 00:00:00 2001
From: Christopher Chavez
Date: Sat, 13 May 2023 17:32:21 -0500
Subject: [PATCH 2/3] Rename variables as suggested
Co-authored-by: Gregory P. Smith
---
 Modules/grpmodule.c | 9 +++++----
 Modules/socketmodule.c | 20 +++++++++++---------
 2 files changed, 16 insertions(+), 13 deletions(-)
diff --git a/Modules/grpmodule.c b/Modules/grpmodule.c
index 9586990328e0ff..f5709296334a8f 100644
--- a/Modules/grpmodule.c
+++ b/Modules/grpmodule.c
@@ -66,12 +66,13 @@ mkgrent(PyObject *module, struct group *p)
 return NULL;
 }
 for (member = p->gr_mem; ; member++) {
- char *s;
- memcpy(&s, member, sizeof(s)); // member can be misaligned
- if (s == NULL) {
+ char *group_member;
+ // member can be misaligned
+ memcpy(&group_member, member, sizeof(group_member));
+ if (group_member == NULL) {
 break;
 }
- PyObject *x = PyUnicode_DecodeFSDefault(s);
+ PyObject *x = PyUnicode_DecodeFSDefault(group_member);
 if (x == NULL || PyList_Append(w, x) != 0) {
 Py_XDECREF(x);
 Py_DECREF(w);
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
index e23b73dfda5729..915efe4e7b3ed4 100644
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
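Review bot: In the AF_INET case of gethost_common (PATCH 1/3), `memcpy(&sin.sin_addr, s, sizeof(sin.sin_addr))` reads a fixed `sizeof(sin.sin_addr)` bytes from the entry just loaded out of `h->h_addr_list`, and nothing in this hunk compares that size with `h->h_length`. If the function does not already validate it in the part outside the hunk, a check before the loop on `h->h_length < (int)sizeof(sin.sin_addr)` that sets an exception and takes the existing `goto err` path would keep a short or mismatched resolver entry from being over-read. The AF_INET6 hunk that follows has the same shape with `sizeof(sin6.sin6_addr)`. The switch and the enclosing loop both start and end outside these hunks.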
@@ -5789,12 +5789,13 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 if (h->h_aliases) {
 for (pch = h->h_aliases; ; pch++) {
 int status;
- char *s;
- memcpy(&s, pch, sizeof(s)); // pch can be misaligned
- if (s == NULL) {
+ char *host_alias;
+ // pch can be misaligned
+ memcpy(&host_alias, pch, sizeof(host_alias));
+ if (host_alias == NULL) {
 break;
 }
- tmp = PyUnicode_FromString(s);
+ tmp = PyUnicode_FromString(host_alias);
 if (tmp == NULL)
 goto err;
@@ -5808,9 +5809,10 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 for (pch = h->h_addr_list; ; pch++) {
 int status;
- char *s;
- memcpy(&s, pch, sizeof(s)); // pch can be misaligned
- if (s == NULL) {
+ char *host_address;
+ // pch can be misaligned
+ memcpy(&host_address, pch, sizeof(host_address));
+ if (host_address == NULL) {
 break;
 }
@@ -5824,7 +5826,7 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 #ifdef HAVE_SOCKADDR_SA_LEN
 sin.sin_len = sizeof(sin);
 #endif
- memcpy(&sin.sin_addr, s, sizeof(sin.sin_addr));
+ memcpy(&sin.sin_addr, host_address, sizeof(sin.sin_addr));
 tmp = make_ipv4_addr(&sin);
 if (pch == h->h_addr_list && alen >= sizeof(sin))
@@ -5841,7 +5843,7 @@ gethost_common(socket_state *state, struct hostent *h, struct sockaddr *addr,
 #ifdef HAVE_SOCKADDR_SA_LEN
 sin6.sin6_len = sizeof(sin6);
 #endif
- memcpy(&sin6.sin6_addr, s, sizeof(sin6.sin6_addr));
+ memcpy(&sin6.sin6_addr, host_address, sizeof(sin6.sin6_addr));
 tmp = make_ipv6_addr(&sin6);
 if (pch == h->h_addr_list && alen >= sizeof(sin6))
From 908fa7ad64a5930aae1ef2a568e81487636e5a75 Mon Sep 17 00:00:00 2001
From: "Gregory P. Smith [Google LLC]"
Date: Thu, 27 Jul 2023 11:47:31 -0700
Subject: [PATCH 3/3] NEWS entry.
---
 .../2023-07-27-11-47-29.gh-issue-104432.oGHF-z.rst | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 Misc/NEWS.d/next/Core and Builtins/2023-07-27-11-47-29.gh-issue-104432.oGHF-z.rst
diff --git a/Misc/NEWS.d/next/Core and Builtins/2023-07-27-11-47-29.gh-issue-104432.oGHF-z.rst b/Misc/NEWS.d/next/Core and Builtins/2023-07-27-11-47-29.gh-issue-104432.oGHF-z.rst
new file mode 100644
index 00000000000000..e47927b4e11886
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2023-07-27-11-47-29.gh-issue-104432.oGHF-z.rst
@@ -0,0 +1,4 @@
+Fix potential unaligned memory access on C APIs involving returned sequences
+of `char *` pointers within the :mod:`grp` and :mod:`socket` modules. These
+were revealed using a ``-fsaniziter=alignment`` build on ARM macOS. Patch by
+Christopher Chavez.