Fix misaligned read in StunMessage::Read

Change-Id: I10ba8f08d13751814a07d6f4e364bc7e7224d0e7 BUG: webrtc:10403 Change-Id: I10ba8f08d13751814a07d6f4e364bc7e7224d0e7 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/127328 Commit-Queue: Steve Anton <steveanton@webrtc.org> Reviewed-by: Steve Anton <steveanton@webrtc.org> Cr-Commit-Position: refs/heads/master@{#27149}
2019-03-14 10:38:31 -07:00 · 2019-03-14 10:38:31 -07:00 · 154d839f3d
commit 154d839f3d
parent 2f5f061dfa
2 changed files with 5 additions and 3 deletions
--- a/p2p/base/stun.cc
+++ b/p2p/base/stun.cc
@ -364,8 +364,10 @@ bool StunMessage::Read(ByteBufferReader* buf) {
  if (!buf->ReadString(&transaction_id, kStunTransactionIdLength))
    return false;

-  uint32_t magic_cookie_int =
-      *reinterpret_cast<const uint32_t*>(magic_cookie.data());
+  uint32_t magic_cookie_int;
+  static_assert(sizeof(magic_cookie_int) == kStunMagicCookieLength,
+                "Integer size mismatch: magic_cookie_int and kStunMagicCookie");
+  std::memcpy(&magic_cookie_int, magic_cookie.data(), sizeof(magic_cookie_int));
  if (rtc::NetworkToHost32(magic_cookie_int) != kStunMagicCookie) {
    // If magic cookie is invalid it means that the peer implements
    // RFC3489 instead of RFC5389.
--- a/p2p/base/stun.h
+++ b/p2p/base/stun.h
@ -110,7 +110,7 @@ const size_t kStunHeaderSize = 20;
 const size_t kStunTransactionIdOffset = 8;
 const size_t kStunTransactionIdLength = 12;
 const uint32_t kStunMagicCookie = 0x2112A442;
-const size_t kStunMagicCookieLength = sizeof(kStunMagicCookie);
+constexpr size_t kStunMagicCookieLength = sizeof(kStunMagicCookie);

 // Following value corresponds to an earlier version of STUN from
 // RFC3489.