From 549eab54c481a9723ec27ef854ab4aaff2e31879 Mon Sep 17 00:00:00 2001 From: visa Date: Thu, 16 Sep 2021 12:35:20 +0000 Subject: [PATCH] tcpdump: Fix data alignment issue in WireGuard printer Access 8-byte nonce as unaligned data to avoid a crash on strict alignment architectures. With IP and UDP, payload alignment is guaranteed to 4-byte boundary only. Reported and tested by Peter J. Philipp OK deraadt@ --- usr.sbin/tcpdump/print-wg.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/usr.sbin/tcpdump/print-wg.c b/usr.sbin/tcpdump/print-wg.c index 4140b5ed8e9..b10bfd93895 100644 --- a/usr.sbin/tcpdump/print-wg.c +++ b/usr.sbin/tcpdump/print-wg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-wg.c,v 1.6 2021/04/14 19:34:56 bluhm Exp $ */ +/* $OpenBSD: print-wg.c,v 1.7 2021/09/16 12:35:20 visa Exp $ */ /* * Copyright (C) 2015-2020 Jason A. Donenfeld . All Rights Reserved. @@ -142,8 +142,9 @@ wg_print(const u_char *bp, u_int length) printf("[wg] keepalive "); if (caplen < offsetof(struct wg_data, mac)) goto trunc; + /* data->nonce may be unaligned. */ printf("to 0x%08x nonce %llu", - letoh32(data->receiver), letoh64(data->nonce)); + letoh32(data->receiver), EXTRACT_LE_64BITS(&data->nonce)); break; } return; -- 2.20.1