From 4d45ae828968d0daf98701d9579bff9761c43425 Mon Sep 17 00:00:00 2001
From: Harald Welte
Date: Sun, 13 Mar 2022 14:52:09 +0100
Subject: [PATCH] bridge.c: Fix some int vs. unsigned long type error
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

not only is it a signed/unsigned error, but on some architectures the sizes of those two types are not identical, leading to a buffer overflow on the stack. gcc-11.2 is complaining about it: bridge.c: In function ‘ph_control’: bridge.c:159:9: error: array subscript 2 is outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds] 159 | *d++ = c2; | ^~~~ bridge.c:150:23: note: while referencing ‘data’ 150 | unsigned char data[MISDN_HEADER_LEN+sizeof(int)+sizeof(int)]; | ^~~~
---
 bridge/bridge.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bridge/bridge.c b/bridge/bridge.c
index 5819933..cccb23f 100644
--- a/bridge/bridge.c
+++ b/bridge/bridge.c
@@ -150,7 +150,7 @@ static void ph_control(int sock, int c1, int c2)
 unsigned char data[MISDN_HEADER_LEN+sizeof(int)+sizeof(int)];
 struct mISDNhead *hh = (struct mISDNhead *)data;
 int len;
- unsigned long *d = (unsigned long *)(data + MISDN_HEADER_LEN);
+ int *d = (int *)(data + MISDN_HEADER_LEN);
 hh->prim = PH_CONTROL_REQ;
 hh->id = 0;
@@ -167,7 +167,7 @@ void ph_control_block(int sock, int c1, void *c2, int c2_len)
 unsigned char data[MISDN_HEADER_LEN+sizeof(int)+c2_len];
 struct mISDNhead *hh = (struct mISDNhead *)data;
 int len;
- unsigned long *d = (unsigned long *)(data + MISDN_HEADER_LEN);
+ int *d = (int *)(data + MISDN_HEADER_LEN);
 hh->prim = PH_CONTROL_REQ;
 hh->id = 0;
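Review bot: The new `int *d = (int *)(data + MISDN_HEADER_LEN);` still stores `int` values through a pointer cast from an `unsigned char` array, in both ph_control and ph_control_block, which violates strict aliasing and relies on `data` happening to be aligned for `int`. Copying the values in avoids both and keeps each write size tied to the operand: in ph_control, `memcpy(data + MISDN_HEADER_LEN, &c1, sizeof(c1));` followed by `memcpy(data + MISDN_HEADER_LEN + sizeof(c1), &c2, sizeof(c2));` (needs `<string.h>` if the file does not already include it). The stores through `d` lie outside the hunk, visible only as the `*d++ = c2;` line quoted in the commit message, so the exact lines to replace need checking against the full function bodies.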
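Review bot: The context line `unsigned char data[MISDN_HEADER_LEN+sizeof(int)+c2_len];` in ph_control_block sizes a stack array from the signed `c2_len` parameter, and nothing in the hunk bounds it. Because `sizeof(int)` makes the expression unsigned, a negative `c2_len` wraps to an unintended size, and a large one can exhaust the stack, so the stack-overflow class this commit addresses stays reachable through the length. The function is not static, so every caller would have to be trusted; a fixed-size buffer with a guard such as `if (c2_len < 0 || c2_len > MAX_CTRL_BLOCK_LEN) return;` would close that (the constant name is a placeholder for a project-chosen limit). The function body continues outside the hunk, so an existing check there or in the callers cannot be ruled out.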