The derefence of an unaligned 64bit variable results in a SIGBUS abort
on 32bit SPARC. ARMv5 CPUs seem to perform the load but load garbish.
This memcpy() workaround forces the compiler to do something that works
on even if the data was not properly aligned. For X86 it means no
change. ARM on other hand will produce slightly different code depending
on the CPU used.
Patch-Name: libclamav-yara-avoid-unaliged-access-to-64bit-variab.patch
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: Mickey Sola <msola@sourcefire.com>
... | ... |
@@ -184,7 +184,7 @@ int yr_execute_code( |
184 | 184 |
#endif |
185 | 185 |
|
186 | 186 |
case OP_PUSH: |
187 |
- r1 = *(uint64_t*)(ip + 1); |
|
187 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
188 | 188 |
ip += sizeof(uint64_t); |
189 | 189 |
push(r1); |
190 | 190 |
break; |
... | ... |
@@ -194,38 +194,38 @@ int yr_execute_code( |
194 | 194 |
break; |
195 | 195 |
|
196 | 196 |
case OP_CLEAR_M: |
197 |
- r1 = *(uint64_t*)(ip + 1); |
|
197 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
198 | 198 |
ip += sizeof(uint64_t); |
199 | 199 |
mem[r1] = 0; |
200 | 200 |
break; |
201 | 201 |
|
202 | 202 |
case OP_ADD_M: |
203 |
- r1 = *(uint64_t*)(ip + 1); |
|
203 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
204 | 204 |
ip += sizeof(uint64_t); |
205 | 205 |
pop(r2); |
206 | 206 |
mem[r1] += r2; |
207 | 207 |
break; |
208 | 208 |
|
209 | 209 |
case OP_INCR_M: |
210 |
- r1 = *(uint64_t*)(ip + 1); |
|
210 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
211 | 211 |
ip += sizeof(uint64_t); |
212 | 212 |
mem[r1]++; |
213 | 213 |
break; |
214 | 214 |
|
215 | 215 |
case OP_PUSH_M: |
216 |
- r1 = *(uint64_t*)(ip + 1); |
|
216 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
217 | 217 |
ip += sizeof(uint64_t); |
218 | 218 |
push(mem[r1]); |
219 | 219 |
break; |
220 | 220 |
|
221 | 221 |
case OP_POP_M: |
222 |
- r1 = *(uint64_t*)(ip + 1); |
|
222 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
223 | 223 |
ip += sizeof(uint64_t); |
224 | 224 |
pop(mem[r1]); |
225 | 225 |
break; |
226 | 226 |
|
227 | 227 |
case OP_SWAPUNDEF: |
228 |
- r1 = *(uint64_t*)(ip + 1); |
|
228 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
229 | 229 |
ip += sizeof(uint64_t); |
230 | 230 |
pop(r2); |
231 | 231 |
if (r2 != UNDEFINED) |
... | ... |
@@ -540,7 +540,7 @@ int yr_execute_code( |
540 | 540 |
|
541 | 541 |
// r1 = number of arguments |
542 | 542 |
|
543 |
- r1 = *(uint64_t*)(ip + 1); |
|
543 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
544 | 544 |
ip += sizeof(uint64_t); |
545 | 545 |
|
546 | 546 |
// pop arguments from stack and copy them to args array |
... | ... |
@@ -854,7 +854,7 @@ int yr_execute_code( |
854 | 854 |
|
855 | 855 |
#if REAL_YARA //not supported ClamAV |
856 | 856 |
case OP_IMPORT: |
857 |
- r1 = *(uint64_t*)(ip + 1); |
|
857 |
+ memcpy(&r1, ip + 1, sizeof(uint64_t)); |
|
858 | 858 |
ip += sizeof(uint64_t); |
859 | 859 |
|
860 | 860 |
FAIL_ON_ERROR(yr_modules_load( |