-rw-r--r-- | changes/bug24733 | 6 | ||||
-rw-r--r-- | src/common/address.c | 6 |
2 files changed, 11 insertions, 1 deletions
diff --git a/changes/bug24733 b/changes/bug24733
new file mode 100644
index 0000000000..e333e4fa5d
--- /dev/null
+++ b/changes/bug24733
@@ -0,0 +1,6 @@
+ o Minor bugfixes (code correctness):
+ - Stop invoking undefined behaviour by using tor_free() on an unaligned
+ pointer in get_interface_addresses_ioctl(). This pointer alignment issue
+ exists on x86_64 macOS, but is unlikely to exist elsewhere.
+ Fixes bug 24733; bugfix on 0.3.0.0-alpha-dev;
+ not in any released version of tor.
diff --git a/src/common/address.c b/src/common/address.c
index 0c0ba782ae..ea14e63926 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -1601,7 +1601,11 @@ get_interface_addresses_ioctl(int severity, sa_family_t family)
 done:
 if (fd >= 0)
 close(fd);
- tor_free(ifc.ifc_buf);
+ /* On macOS, tor_free() loads ifc.ifc_buf, which leads to undefined
+ * behaviour, because it is always aligned at 8-bytes (ifc) plus 4 bytes
+ * (ifc_len and pragma pack(4)). So we use raw_free() instead. */
+ raw_free(ifc.ifc_buf);
+ ifc.ifc_buf = NULL;
 return result;
 }
 #endif /* defined(HAVE_IFCONF_TO_SMARTLIST) */ |
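Review bot: The comment added above `raw_free(ifc.ifc_buf);` in the src/common/address.c hunk blames the undefined behaviour on tor_free() "loading" ifc.ifc_buf, yet the replacement call and the following `ifc.ifc_buf = NULL;` read and write the same member. A reader therefore cannot tell why one form is safe and the other is not, and may later "tidy" this back to tor_free(). Presumably the difference is that tor_free() reaches the field through a pointer to it, which loses the packing information the compiler keeps for a direct member access; tor_free()'s definition is not visible in this hunk, so confirm that before rewording. If so, state it, e.g. `/* ifc_buf is only 4-byte aligned inside the packed struct ifconf on macOS; tor_free() accesses it via a pointer to the member, which is a misaligned access. Direct member access is fine, so free and clear it by hand. */`. The body of get_interface_addresses_ioctl() starts outside the hunk, so other uses of ifc.ifc_buf there could not be checked.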