cf-socket: tweak a memcpy() to read better

By checking the size of the actual buffer and using that as memcpy
target instead of another union member, this helps readers and static
code analyzers to determine that this is not a buffer overflow.

Ref: #18677
Closes #18787

diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 3d1f5e7529507259e526173e7651d0ab34128e66..1fabf0ea0b4a2165c9d34ec2b641084147955e1e 100644 (file)
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -333,12 +333,11 @@ static CURLcode sock_assign_addr(struct Curl_sockaddr_ex *dest,
   }
   dest->addrlen = (unsigned int)ai->ai_addrlen;
 
-  if(dest->addrlen > sizeof(struct Curl_sockaddr_storage)) {
-    DEBUGASSERT(0);
+  DEBUGASSERT(dest->addrlen <= sizeof(dest->curl_sa_addrbuf));
+  if(dest->addrlen > sizeof(dest->curl_sa_addrbuf))
     return CURLE_TOO_LARGE;
-  }
 
-  memcpy(&dest->curl_sa_addr, ai->ai_addr, dest->addrlen);
+  memcpy(&dest->curl_sa_addrbuf, ai->ai_addr, dest->addrlen);
   return CURLE_OK;
 }
 

diff --git a/lib/cf-socket.h b/lib/cf-socket.h
index 083202fad9007ab54e7c4e9cd9cf0b3195a199d6..85b7e5631b5666e640330ab6c2dfaedf9b2ba9c4 100644 (file)
--- a/lib/cf-socket.h
+++ b/lib/cf-socket.h
@@ -48,11 +48,12 @@ struct Curl_sockaddr_ex {
   int protocol;
   unsigned int addrlen;
   union {
-    struct sockaddr addr;
-    struct Curl_sockaddr_storage buff;
-  } _sa_ex_u;
+    struct sockaddr sa;
+    struct Curl_sockaddr_storage buf;
+  } addr;
 };
-#define curl_sa_addr _sa_ex_u.addr
+#define curl_sa_addr addr.sa
+#define curl_sa_addrbuf addr.buf
 
 /*
  * Parse interface option, and return the interface name and the host part.