Subject: bin/5348: tcpdump Bus Errors due to invalid memory access on sparc
To: None <gnats-bugs@gnats.netbsd.org>
From: None <abs@mono.org>
List: netbsd-bugs
Date: 04/21/1998 23:57:12
>Number:         5348
>Category:       bin
>Synopsis:       tcpdump Bus Errors due to invalid memory access on sparc
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Apr 22 00:05:01 1998
>Last-Modified:
>Originator:     David Brownlee
>Organization:
<a href="http://www.mono.org/">Monochrome</a>
>Release:        1.3.1
>Environment:
System: NetBSD lapton.anim.dreamworks.com 1.3.1 NetBSD 1.3.1 (_LAPTON_) #0: Tue Mar 24 14:27:08 PST 1998 root@lapton.anim.dreamworks.com:/usr/src/sys/arch/i386/compile/_LAPTON_ i386


>Description:
	tcpdump dereferences a character pointer with *(const u_int32_t *),
	which implicitly assumes it is suitably aligned for such access.

	I'm surprised that no one else has seen this under NetBSD/sparc.
	It could be that my setup is 'just different', but I've seen this
	on three different 1.3 and 1.3.1 NetBSD/sparc boxes.

>How-To-Repeat:
	Run tcpdump under NetBSD/sparc and wait for it to Bus Error

>Fix:
	This fixes it for me. This is against 1.3.1, but should apply
	cleanly to -current. If this is correct, then I might suggest it
	would be a perfect candidate for a 1.3.2 pullup. If I'm just off
	in some strange world of my own, then... uh, send me a postcard...

--- addrtoname.c.orig	Tue Apr 21 23:45:54 1998
+++ addrtoname.c	Tue Apr 21 23:46:18 1998
@@ -182,7 +182,7 @@
 	static struct hnamemem *p;		/* static for longjmp() */
 
 #ifndef LBL_ALIGN
-	addr = *(const u_int32_t *)ap;
+	memcpy(&addr, ap, sizeof(u_int32_t));
 #else
 	/*
 	 * Extract 32 bits in network order, dealing with alignment.
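Review bot: the new memcpy line in the `#ifndef LBL_ALIGN` branch passes `sizeof(u_int32_t)` as the length; `sizeof(addr)` would keep the copy size tied to the destination if its declaration ever changes. The `#else` branch directly below is already commented as "dealing with alignment", so it is also worth checking why LBL_ALIGN is not defined for the sparc build: if it should be, any other code guarded by that macro will still take the unaligned path after this change. Please also confirm that addrtoname.c includes <string.h> so memcpy has a prototype in scope.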
>Audit-Trail:
>Unformatted:
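
The access pattern from the Description, as an added example that is not part of the original report or of tcpdump's source. It shows the two alignment-safe ways to read a 32-bit address from a capture buffer, the memcpy form used in the Fix and a byte-wise network-order form, with a length check. The helper names, the Ethernet framing and the sample frame are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>   /* ntohl */

#define ETH_HDR_LEN 14   /* assumption: Ethernet framing, IPv4 header starts at offset 14 */
#define IP_SRC_OFF  12   /* source address offset within the IPv4 header */

/* Host-order copy of 4 bytes; memcpy carries no alignment requirement. */
static uint32_t load_u32(const unsigned char *p)
{
    uint32_t v;
    memcpy(&v, p, sizeof(v));
    return v;
}

/* Byte-wise extraction in network order, also safe at any alignment. */
static uint32_t load_be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Stores the source address in host order and returns 0, or -1 if the frame is too short. */
static int ipv4_src(const unsigned char *frame, size_t len, uint32_t *out)
{
    size_t off = ETH_HDR_LEN + IP_SRC_OFF;   /* 26: not a multiple of 4 */
    if (len < off + 4)
        return -1;
    *out = load_be32(frame + off);
    return 0;
}

/* Constructed sample: zeroed frame, source 192.0.2.1, in a 4-byte-aligned buffer. */
static int demo(void)
{
    union { uint32_t align; unsigned char b[34]; } f;
    uint32_t src = 0;
    memset(&f, 0, sizeof(f));
    memcpy(f.b + 26, "\xc0\x00\x02\x01", 4);
    if (ipv4_src(f.b, 34, &src) != 0 || src != 0xC0000201u)
        return 0;
    /* The memcpy form yields the same value once converted from network order. */
    if (ntohl(load_u32(f.b + 26)) != src)
        return 0;
    return ipv4_src(f.b, 29, &src) == -1;    /* truncated capture is rejected */
}

int main(void) { return demo() ? 0 : 1; }
```

Even with the buffer itself 4-byte aligned, the address sits at offset 26, so a cast to `const u_int32_t *` at that position is the kind of access that faults on strict-alignment CPUs.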