[tor-commits] [tor/master] Extract the raw_free() of ifc_buf into a new function.

[nickm at torproject.org]

commit f71bbd20a40de78fc1e7d722ba591578f137abec
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Jan 10 09:51:45 2018 -0500

    Extract the raw_free() of ifc_buf into a new function.
    
    Explain the problem more correctly.
---
 src/common/address.c | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/common/address.c b/src/common/address.c
index ea14e6392..d96ec514b 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -1515,6 +1515,18 @@ get_interface_addresses_win32(int severity, sa_family_t family)
 #define _SIZEOF_ADDR_IFREQ sizeof
 #endif
 
+/* Free ifc->ifc_buf safely. */
+static void
+ifconf_free_ifc_buf(struct ifconf *ifc)
+{
+  /* On macOS, tor_free() takes the address of ifc.ifc_buf, which leads to
+   * undefined behaviour, because pointer-to-pointers are expected to be
+   * aligned at 8-bytes, but the ifconf structure is packed.  So we use
+   * raw_free() instead. */
+  raw_free(ifc->ifc_buf);
+  ifc->ifc_buf = NULL;
+}
+
 /** Convert <b>*buf</b>, an ifreq structure array of size <b>buflen</b>,
  * into smartlist of <b>tor_addr_t</b> structures.
  */
@@ -1601,11 +1613,7 @@ get_interface_addresses_ioctl(int severity, sa_family_t family)
  done:
   if (fd >= 0)
     close(fd);
-  /* On macOS, tor_free() loads ifc.ifc_buf, which leads to undefined
-   * behaviour, because it is always aligned at 8-bytes (ifc) plus 4 bytes
-   * (ifc_len and pragma pack(4)). So we use raw_free() instead. */
-  raw_free(ifc.ifc_buf);
-  ifc.ifc_buf = NULL;
+  ifconf_free_ifc_buf(&ifc);
   return result;
 }
 #endif /* defined(HAVE_IFCONF_TO_SMARTLIST) */