
vnc: fix unalignment access in tight_pack24

Message ID 20190317120441.64846-1-liq3ea@163.com (mailing list archive)
State New, archived

Commit Message

Li Qiang March 17, 2019, 12:04 p.m. UTC
When '-fsanitize=undefined' is added to the build configuration
and a VNC client connects to the VM, the following error is reported:

ui/vnc-enc-tight.c:910:13: runtime error: load of
misaligned address 0x621000466513 for type 'uint32_t',
which requires 4 byte alignment

This patch fixes the issue.

Signed-off-by: Li Qiang <liq3ea@163.com>
---
 ui/vnc-enc-tight.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

Comments

Peter Maydell March 17, 2019, 2:10 p.m. UTC | #1
On Sun, 17 Mar 2019 at 12:09, Li Qiang <liq3ea@163.com> wrote:
>
> When adding '-fsanitize=undefined' in compiling configuration
> and connect VM with vnc, it reports following error:
>
> ui/vnc-enc-tight.c:910:13: runtime error: load of
> misaligned address 0x621000466513 for type 'uint32_t',
> which requires 4 byte alignment
>
> This patch fix this issue.
>
> Signed-off-by: Li Qiang <liq3ea@163.com>
> ---
>  ui/vnc-enc-tight.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/ui/vnc-enc-tight.c b/ui/vnc-enc-tight.c
> index 0b4a5ac71f..7e1be63af3 100644
> --- a/ui/vnc-enc-tight.c
> +++ b/ui/vnc-enc-tight.c
> @@ -886,11 +886,11 @@ static int tight_compress_data(VncState *vs, int stream_id, size_t bytes,
>   */
>  static void tight_pack24(VncState *vs, uint8_t *buf, size_t count, size_t *ret)
>  {
> -    uint32_t *buf32;
> +    uint8_t *buf8;
>      uint32_t pix;
>      int rshift, gshift, bshift;
>
> -    buf32 = (uint32_t *)buf;
> +    buf8 = buf;
>
>      if (1 /* FIXME */) {
>          rshift = vs->client_pf.rshift;
> @@ -907,10 +907,11 @@ static void tight_pack24(VncState *vs, uint8_t *buf, size_t count, size_t *ret)
>      }
>
>      while (count--) {
> -        pix = *buf32++;
> +        memcpy(&pix, buf8, sizeof(uint32_t));

Better to use ldl_he_p() rather than hand-rolling
an unaligned accessor with memcpy(), I think.

Is the input data definitely in host endianness
order ?

>          *buf++ = (char)(pix >> rshift);
>          *buf++ = (char)(pix >> gshift);
>          *buf++ = (char)(pix >> bshift);
> +        buf8 += 4;
>      }
>  }
>
> --
> 2.17.1

thanks
-- PMM
Li Qiang March 17, 2019, 3:07 p.m. UTC | #2
Peter Maydell <peter.maydell@linaro.org> 于2019年3月17日周日 下午10:10写道:

> On Sun, 17 Mar 2019 at 12:09, Li Qiang <liq3ea@163.com> wrote:
> >
> > When adding '-fsanitize=undefined' in compiling configuration
> > and connect VM with vnc, it reports following error:
> >
> > ui/vnc-enc-tight.c:910:13: runtime error: load of
> > misaligned address 0x621000466513 for type 'uint32_t',
> > which requires 4 byte alignment
> >
> > This patch fix this issue.
> >
> > Signed-off-by: Li Qiang <liq3ea@163.com>
> > ---
> >  ui/vnc-enc-tight.c | 7 ++++---
> >  1 file changed, 4 insertions(+), 3 deletions(-)
> >
> > diff --git a/ui/vnc-enc-tight.c b/ui/vnc-enc-tight.c
> > index 0b4a5ac71f..7e1be63af3 100644
> > --- a/ui/vnc-enc-tight.c
> > +++ b/ui/vnc-enc-tight.c
> > @@ -886,11 +886,11 @@ static int tight_compress_data(VncState *vs, int
> stream_id, size_t bytes,
> >   */
> >  static void tight_pack24(VncState *vs, uint8_t *buf, size_t count,
> size_t *ret)
> >  {
> > -    uint32_t *buf32;
> > +    uint8_t *buf8;
> >      uint32_t pix;
> >      int rshift, gshift, bshift;
> >
> > -    buf32 = (uint32_t *)buf;
> > +    buf8 = buf;
> >
> >      if (1 /* FIXME */) {
> >          rshift = vs->client_pf.rshift;
> > @@ -907,10 +907,11 @@ static void tight_pack24(VncState *vs, uint8_t
> *buf, size_t count, size_t *ret)
> >      }
> >
> >      while (count--) {
> > -        pix = *buf32++;
> > +        memcpy(&pix, buf8, sizeof(uint32_t));
>
> Better to use ldl_he_p() rather than hand-rolling
> an unaligned accessor with memcpy(), I think.
>
>
Will do in the next revision.


> Is the input data definitely in host endianness
> order ?
>

AFAICS, Yes.

Thanks,
Li Qiang


>
> >          *buf++ = (char)(pix >> rshift);
> >          *buf++ = (char)(pix >> gshift);
> >          *buf++ = (char)(pix >> bshift);
> > +        buf8 += 4;
> >      }
> >  }
> >
> > --
> > 2.17.1
>
> thanks
> -- PMM
>

Patch

diff --git a/ui/vnc-enc-tight.c b/ui/vnc-enc-tight.c
index 0b4a5ac71f..7e1be63af3 100644
--- a/ui/vnc-enc-tight.c
+++ b/ui/vnc-enc-tight.c
@@ -886,11 +886,11 @@  static int tight_compress_data(VncState *vs, int stream_id, size_t bytes,
  */
 static void tight_pack24(VncState *vs, uint8_t *buf, size_t count, size_t *ret)
 {
-    uint32_t *buf32;
+    uint8_t *buf8;
     uint32_t pix;
     int rshift, gshift, bshift;
 
-    buf32 = (uint32_t *)buf;
+    buf8 = buf;
 
     if (1 /* FIXME */) {
         rshift = vs->client_pf.rshift;
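Review bot: With this change `buf` and `buf8` are both `uint8_t *` into the same buffer, so the name `buf8` no longer tells the reader which of the two is the read cursor. The loop in the next hunk packs in place, loading four bytes per pixel through `buf8` and storing three through `buf`, which only works because the store position never passes the load position. I would declare it as `const uint8_t *src = buf;` and add a comment such as `/* in-place pack: src reads 4 bytes per pixel, buf writes 3, so buf never overtakes src */`. The `if (1 /* FIXME */)` block continues outside this hunk.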
@@ -907,10 +907,11 @@  static void tight_pack24(VncState *vs, uint8_t *buf, size_t count, size_t *ret)
     }
 
     while (count--) {
-        pix = *buf32++;
+        memcpy(&pix, buf8, sizeof(uint32_t));
         *buf++ = (char)(pix >> rshift);
         *buf++ = (char)(pix >> gshift);
         *buf++ = (char)(pix >> bshift);
+        buf8 += 4;
     }
 }
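Review bot: The load width and the cursor stride are written separately, as `sizeof(uint32_t)` in the `memcpy()` and a literal `4` in `buf8 += 4;`, so nothing keeps them in step if the type of `pix` ever changes. Tying both to the variable reads better: `memcpy(&pix, buf8, sizeof(pix));` and `buf8 += sizeof(pix);`. Separately, the shift counts are plain `int`s copied from `vs->client_pf` in the earlier hunk; if those fields are not range-checked where the client's pixel format is accepted (not visible here), a shift of 32 or more on the `uint32_t` would be undefined behaviour that the same sanitizer run would report, so that is worth confirming. The middle of the function lies outside the hunk.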