summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorDana Robinson <43805+derobins@users.noreply.github.com>2023-06-03 14:23:35 (GMT)
committerGitHub <noreply@github.com>2023-06-03 14:23:35 (GMT)
commite3559c7b64e7963e3515c2ebfd7f1abad810ed19 (patch)
treecc2fe52fe08e5b0e5c43e329eaa0fe15b3871b85 /src
parent81bc34ac4c3f42532edee32095651f6bcd5e55a2 (diff)
downloadhdf5-e3559c7b64e7963e3515c2ebfd7f1abad810ed19.zip
hdf5-e3559c7b64e7963e3515c2ebfd7f1abad810ed19.tar.gz
hdf5-e3559c7b64e7963e3515c2ebfd7f1abad810ed19.tar.bz2
Add casts to type conversion to fix long dbl bug (#3038)
If a user buffer is misaligned in the type conversion code, memcpy could fail if the call is SSE-optimized by the compiler. This change adds uint8_t * casts so the compiler won't make optimistic assumptions about buffer alignment.
Diffstat (limited to 'src')
-rw-r--r--src/H5Tconv.c24
1 files changed, 22 insertions, 2 deletions
diff --git a/src/H5Tconv.c b/src/H5Tconv.c
index 93ca59f..8118eb0 100644
--- a/src/H5Tconv.c
+++ b/src/H5Tconv.c
@@ -887,7 +887,17 @@ done:
/* Macro defining action on source data which needs to be aligned (before main action) */
#define H5T_CONV_LOOP_PRE_SALIGN(ST) \
{ \
- H5MM_memcpy(&src_aligned, src, sizeof(ST)); \
+ /* The uint8_t * cast is required to avoid tripping over undefined behavior. \
+ * \
+ * The typed pointer arrives via a void pointer, which may have any alignment. \
+ * We then cast it to a pointer to a type that is assumed to be aligned, which \
+ * is undefined behavior (section 6.3.2.3 paragraph 7 of the C99 standard). \
+ * In the past this hasn't caused many problems, but in some cases (e.g. \
+ * converting long doubles on macOS), an optimizing compiler might do the \
+ * wrong thing (in the macOS case, the conversion uses SSE, which has stricter \
+ * requirements about alignment). \
+ */ \
+ H5MM_memcpy(&src_aligned, (const uint8_t *)src, sizeof(ST)); \
}
/* Macro defining action on source data which doesn't need to be aligned (before main action) */
@@ -919,7 +929,17 @@ done:
/* Macro defining action on destination data which needs to be aligned (after main action) */
#define H5T_CONV_LOOP_POST_DALIGN(DT) \
{ \
- H5MM_memcpy(dst, &dst_aligned, sizeof(DT)); \
+ /* The uint8_t * cast is required to avoid tripping over undefined behavior. \
+ * \
+ * The typed pointer arrives via a void pointer, which may have any alignment. \
+ * We then cast it to a pointer to a type that is assumed to be aligned, which \
+ * is undefined behavior (section 6.3.2.3 paragraph 7 of the C99 standard). \
+ * In the past this hasn't caused many problems, but in some cases (e.g. \
+ * converting long doubles on macOS), an optimizing compiler might do the \
+ * wrong thing (in the macOS case, the conversion uses SSE, which has stricter \
+ * requirements about alignment). \
+ */ \
+ H5MM_memcpy((uint8_t *)dst, &dst_aligned, sizeof(DT)); \
}
/* Macro defining action on destination data which doesn't need to be aligned (after main action) */