rpms / mokutil

Clone
Source Code
GIT

Blame 0009-Avoid-taking-pointer-to-packed-struct.patch

f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 main rawhide
  1.   f32
  2.   0009-Avoid-taking-pointer-to-packed-struct.patch
Blob History Raw
f340687 
From 19e8c9071b3d9306ca7b7329b313b31f86c2936d Mon Sep 17 00:00:00 2001
f340687 
From: Harry Youd <harry@harryyoud.co.uk>
f340687 
Date: Wed, 31 Jul 2019 19:44:53 +0100
f340687 
Subject: [PATCH 12/12] Avoid taking pointer to packed struct
f340687 
MIME-Version: 1.0
f340687 
Content-Type: text/plain; charset=UTF-8
f340687 
Content-Transfer-Encoding: 8bit
f340687
f340687 
Fixes:
f340687 
error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
f340687 
---
f340687 
 src/mokutil.c | 38 ++++++++++++++++++++++----------------
f340687 
 1 file changed, 22 insertions(+), 16 deletions(-)
f340687
f340687 
diff --git a/src/mokutil.c b/src/mokutil.c
f340687 
index e2d567d..8892613 100644
f340687 
--- a/src/mokutil.c
f340687 
+++ b/src/mokutil.c
f340687 
@@ -270,20 +270,22 @@ build_mok_list (void *data, unsigned long data_size, uint32_t *mok_num)
f340687 
 			return NULL;
f340687 
 		}
f340687
f340687 
-		if ((efi_guid_cmp (&CertList->SignatureType, &efi_guid_x509_cert) != 0) &&
f340687 
-		    (efi_guid_cmp (&CertList->SignatureType, &efi_guid_sha1) != 0) &&
f340687 
-		    (efi_guid_cmp (&CertList->SignatureType, &efi_guid_sha224) != 0) &&
f340687 
-		    (efi_guid_cmp (&CertList->SignatureType, &efi_guid_sha256) != 0) &&
f340687 
-		    (efi_guid_cmp (&CertList->SignatureType, &efi_guid_sha384) != 0) &&
f340687 
-		    (efi_guid_cmp (&CertList->SignatureType, &efi_guid_sha512) != 0)) {
f340687 
+		efi_guid_t sigtype = CertList->SignatureType;
f340687 
+
f340687 
+		if ((efi_guid_cmp (&sigtype, &efi_guid_x509_cert) != 0) &&
f340687 
+		    (efi_guid_cmp (&sigtype, &efi_guid_sha1) != 0) &&
f340687 
+		    (efi_guid_cmp (&sigtype, &efi_guid_sha224) != 0) &&
f340687 
+		    (efi_guid_cmp (&sigtype, &efi_guid_sha256) != 0) &&
f340687 
+		    (efi_guid_cmp (&sigtype, &efi_guid_sha384) != 0) &&
f340687 
+		    (efi_guid_cmp (&sigtype, &efi_guid_sha512) != 0)) {
f340687 
 			dbsize -= CertList->SignatureListSize;
f340687 
 			CertList = (EFI_SIGNATURE_LIST *)((uint8_t *) CertList +
f340687 
 						  CertList->SignatureListSize);
f340687 
 			continue;
f340687 
 		}
f340687
f340687 
-		if ((efi_guid_cmp (&CertList->SignatureType, &efi_guid_x509_cert) != 0) &&
f340687 
-		    (CertList->SignatureSize != signature_size (&CertList->SignatureType))) {
f340687 
+		if ((efi_guid_cmp (&sigtype, &efi_guid_x509_cert) != 0) &&
f340687 
+		    (CertList->SignatureSize != signature_size (&sigtype))) {
f340687 
 			dbsize -= CertList->SignatureListSize;
f340687 
 			CertList = (EFI_SIGNATURE_LIST *)((uint8_t *) CertList +
f340687 
 						  CertList->SignatureListSize);
f340687 
@@ -312,7 +314,7 @@ build_mok_list (void *data, unsigned long data_size, uint32_t *mok_num)
f340687 
 		}
f340687
f340687 
 		list[count].header = CertList;
f340687 
-		if (efi_guid_cmp (&CertList->SignatureType, &efi_guid_x509_cert) == 0) {
f340687 
+		if (efi_guid_cmp (&sigtype, &efi_guid_x509_cert) == 0) {
f340687 
 			/* X509 certificate */
f340687 
 			list[count].mok_size = CertList->SignatureSize -
f340687 
 					       sizeof(efi_guid_t);
f340687 
@@ -442,10 +444,11 @@ list_keys (uint8_t *data, size_t data_size)
f340687
f340687 
 	for (unsigned int i = 0; i < mok_num; i++) {
f340687 
 		printf ("[key %d]\n", i+1);
f340687 
-		if (efi_guid_cmp (&list[i].header->SignatureType, &efi_guid_x509_cert) == 0) {
f340687 
+		efi_guid_t sigtype = list[i].header->SignatureType;
f340687 
+		if (efi_guid_cmp (&sigtype, &efi_guid_x509_cert) == 0) {
f340687 
 			print_x509 ((char *)list[i].mok, list[i].mok_size);
f340687 
 		} else {
f340687 
-			print_hash_array (&list[i].header->SignatureType,
f340687 
+			print_hash_array (&sigtype,
f340687 
 					  list[i].mok, list[i].mok_size);
f340687 
 		}
f340687 
 		if (i < mok_num - 1)
f340687 
@@ -523,7 +526,8 @@ delete_data_from_list (const efi_guid_t *var_guid, const char *var_name,
f340687 
 	remain = total;
f340687 
 	for (unsigned int i = 0; i < mok_num; i++) {
f340687 
 		remain -= list[i].header->SignatureListSize;
f340687 
-		if (efi_guid_cmp (&list[i].header->SignatureType, type) != 0)
f340687 
+		efi_guid_t sigtype = list[i].header->SignatureType;
f340687 
+		if (efi_guid_cmp (&sigtype, type) != 0)
f340687 
 			continue;
f340687
f340687 
 		sig_list_size = list[i].header->SignatureListSize;
f340687 
@@ -1057,7 +1061,8 @@ is_duplicate (const efi_guid_t *type, const void *data, const uint32_t data_size
f340687 
 	}
f340687
f340687 
 	for (unsigned int i = 0; i < node_num; i++) {
f340687 
-		if (efi_guid_cmp (&list[i].header->SignatureType, type) != 0)
f340687 
+		efi_guid_t sigtype = list[i].header->SignatureType;
f340687 
+		if (efi_guid_cmp (&sigtype, type) != 0)
f340687 
 			continue;
f340687
f340687 
 		if (efi_guid_cmp (type, &efi_guid_x509_cert) == 0) {
f340687 
@@ -1510,8 +1515,8 @@ issue_hash_request (const char *hash_str, MokRequest req,
f340687 
 			goto error;
f340687 
 		/* Check if there is a signature list with the same type */
f340687 
 		for (unsigned int i = 0; i < mok_num; i++) {
f340687 
-			if (efi_guid_cmp (&mok_list[i].header->SignatureType,
f340687 
-					 &hash_type) == 0) {
f340687 
+			efi_guid_t sigtype = mok_list[i].header->SignatureType;
f340687 
+			if (efi_guid_cmp (&sigtype, &hash_type) == 0) {
f340687 
 				merge_ind = i;
f340687 
 				list_size -= sizeof(EFI_SIGNATURE_LIST);
f340687 
 				break;
f340687 
@@ -1678,8 +1683,9 @@ export_db_keys (const DBName db_name)
f340687 
 	for (unsigned i = 0; i < mok_num; i++) {
f340687 
 		off_t offset = 0;
f340687 
 		ssize_t write_size;
f340687 
+		efi_guid_t sigtype = list[i].header->SignatureType;
f340687
f340687 
-		if (efi_guid_cmp (&list[i].header->SignatureType, &efi_guid_x509_cert) != 0)
f340687 
+		if (efi_guid_cmp (&sigtype, &efi_guid_x509_cert) != 0)
f340687 
 			continue;
f340687
f340687 
 		/* Dump X509 certificate to files */
f340687 
--
f340687 
2.21.0
f340687
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.