s3:talloc_dict: fix a SIGBUS when dereferencing unaligned pointers

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Nov 30 22:31:16 CET 2015 on sn-devel-104

diff --git a/source3/lib/talloc_dict.c b/source3/lib/talloc_dict.c
index 71ab8990066134e273afb2d24e4de0b3c74b2bef..759467901478e88a6717046ce4250181d3c28b98 100644 (file)
--- a/source3/lib/talloc_dict.c
+++ b/source3/lib/talloc_dict.c
@@ -72,7 +72,7 @@ bool talloc_dict_set(struct talloc_dict *dict, DATA_BLOB key, void *pdata)
                        TALLOC_FREE(rec);
                        return false;
                }
-               old_data = *(void **)(value.dptr);
+               memcpy(&old_data, value.dptr, sizeof(old_data));
                TALLOC_FREE(old_data);
                if (data == NULL) {
                        status = dbwrap_record_delete(rec);
@@ -138,6 +138,7 @@ static int talloc_dict_traverse_fn(struct db_record *rec, void *private_data)
        TDB_DATA value;
        struct talloc_dict_traverse_state *state =
                (struct talloc_dict_traverse_state *)private_data;
+       void *p;
 
        key = dbwrap_record_get_key(rec);
        value = dbwrap_record_get_value(rec);
@@ -145,8 +146,10 @@ static int talloc_dict_traverse_fn(struct db_record *rec, void *private_data)
        if (value.dsize != sizeof(void *)) {
                return -1;
        }
+
+       memcpy(&p, value.dptr, sizeof(p));
        return state->fn(data_blob_const(key.dptr, key.dsize),
-                        *(void **)value.dptr, state->private_data);
+                        p, state->private_data);
 }
 
 /*