summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGuy Harris <guy@alum.mit.edu>2015-03-02 13:46:29 -0800
committerGuy Harris <guy@alum.mit.edu>2015-03-02 13:53:08 -0800
commited08d24ae8add2f8da09996576065525c2c4a69b (patch)
tree559c40dcb35c4a91d73b298fbee8c40aa4bc66b5
parent482c3146ae70a3371d3c7fc9087aab16d39ba8f1 (diff)
downloadtcpdump-4.1.tar.gz
Fix the pointer tests in the non-ndoified TTEST2() macro as well.tcpdump-4.1
-rw-r--r--interface.h16
1 files changed, 14 insertions, 2 deletions
diff --git a/interface.h b/interface.h
index be027ed3..9bb440ca 100644
--- a/interface.h
+++ b/interface.h
@@ -104,9 +104,21 @@ extern int32_t thiszone; /* seconds offset from gmt to local time */
* that "snapend - (l)" underflows.
*
* The check is for <= rather than < because "l" might be 0.
+ *
+ * We cast the pointers to uintptr_t to make sure that the compiler
+ * doesn't optimize away any of these tests (which it is allowed to
+ * do, as adding an integer to, or subtracting an integer from, a
+ * pointer assumes that the pointer is a pointer to an element of an
+ * array and that the result of the addition or subtraction yields a
+ * pointer to another member of the array, so that, for example, if
+ * you subtract a positive integer from a pointer, the result is
+ * guaranteed to be less than the original pointer value). See
+ *
+ * http://www.kb.cert.org/vuls/id/162289
*/
-#define TTEST2(var, l) (snapend - (l) <= snapend && \
- (const u_char *)&(var) <= snapend - (l))
+#define TTEST2(var, l) \
+ ((uintptr_t)snapend - (l) <= (uintptr_t)snapend && \
+ (uintptr_t)&(var) <= (uintptr_t)snapend - (l))
/* True if "var" was captured */
#define TTEST(var) TTEST2(var, sizeof(var))