Skip to content

Commit

Permalink
libvncclient: fix pointer aliasing/alignment issue
Browse files Browse the repository at this point in the history
Accessing byte-aligned data through uint32_t pointers can cause crashes
on some platforms or reduce the performance. Therefore ensure a proper
stack alignment.
  • Loading branch information
tobydox committed May 28, 2020
1 parent d79d913 commit 23e5cbe
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions libvncclient/rfbproto.c
Original file line number Diff line number Diff line change
Expand Up @@ -1151,10 +1151,13 @@ rfbBool
SetFormatAndEncodings(rfbClient* client)
{
rfbSetPixelFormatMsg spf;
char buf[sz_rfbSetEncodingsMsg + MAX_ENCODINGS * 4];
union {
char bytes[sz_rfbSetEncodingsMsg + MAX_ENCODINGS*4];
rfbSetEncodingsMsg msg;
} buf;

rfbSetEncodingsMsg *se = (rfbSetEncodingsMsg *)buf;
uint32_t *encs = (uint32_t *)(&buf[sz_rfbSetEncodingsMsg]);
rfbSetEncodingsMsg *se = &buf.msg;
uint32_t *encs = (uint32_t *)(&buf.bytes[sz_rfbSetEncodingsMsg]);
int len = 0;
rfbBool requestCompressLevel = FALSE;
rfbBool requestQualityLevel = FALSE;
Expand Down Expand Up @@ -1354,7 +1357,7 @@ SetFormatAndEncodings(rfbClient* client)

se->nEncodings = rfbClientSwap16IfLE(se->nEncodings);

if (!WriteToRFBServer(client, buf, len)) return FALSE;
if (!WriteToRFBServer(client, buf.bytes, len)) return FALSE;

return TRUE;
}
Expand Down

0 comments on commit 23e5cbe

Please sign in to comment.