bridge.c: Fix some int vs. unsigned long type error

not only is it a signed/unsigned error, but on some architectures the
sizes of those two types are not identical, leading to a buffer overflow
on the stack. gcc-11.2 is complaining about it:

bridge.c: In function ‘ph_control’:
bridge.c:159:9: error: array subscript 2 is outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds]
  159 |         *d++ = c2;
      |         ^~~~
bridge.c:150:23: note: while referencing ‘data’
  150 |         unsigned char data[MISDN_HEADER_LEN+sizeof(int)+sizeof(int)];
      |                       ^~~~
This commit is contained in:
Harald Welte 2022-03-13 14:52:09 +01:00
parent d6818dd9a4
commit 4d45ae8289
1 changed files with 2 additions and 2 deletions

View File

@ -150,7 +150,7 @@ static void ph_control(int sock, int c1, int c2)
unsigned char data[MISDN_HEADER_LEN+sizeof(int)+sizeof(int)];
struct mISDNhead *hh = (struct mISDNhead *)data;
int len;
unsigned long *d = (unsigned long *)(data + MISDN_HEADER_LEN);
int *d = (int *)(data + MISDN_HEADER_LEN);
hh->prim = PH_CONTROL_REQ;
hh->id = 0;
@ -167,7 +167,7 @@ void ph_control_block(int sock, int c1, void *c2, int c2_len)
unsigned char data[MISDN_HEADER_LEN+sizeof(int)+c2_len];
struct mISDNhead *hh = (struct mISDNhead *)data;
int len;
unsigned long *d = (unsigned long *)(data + MISDN_HEADER_LEN);
int *d = (int *)(data + MISDN_HEADER_LEN);
hh->prim = PH_CONTROL_REQ;
hh->id = 0;