Fix UB pointer comparison in event.c

==36472==ERROR: AddressSanitizer: invalid-pointer-pair: 0x000000e9de00 0x608000000db0
    #0 0x4d0658 in timeout_compare /home/runner/work/tinc/tinc/openssl3/../src/event.c:97:7
    #1 0x55a3af in splay_top_down /home/runner/work/tinc/tinc/openssl3/../src/splay_tree.c:41:13
    #2 0x559868 in splay_search_closest_node /home/runner/work/tinc/tinc/openssl3/../src/splay_tree.c:378:9
    #3 0x55cd54 in splay_insert_node /home/runner/work/tinc/tinc/openssl3/../src/splay_tree.c:446:13
    #4 0x4cecfc in timeout_set /home/runner/work/tinc/tinc/openssl3/../src/event.c:267:6
    #5 0x4d3c49 in retry /home/runner/work/tinc/tinc/openssl3/../src/net.c:477:2
    #6 0x53f274 in control_h /home/runner/work/tinc/tinc/openssl3/../src/control.c:96:3
    #7 0x500a44 in receive_request /home/runner/work/tinc/tinc/openssl3/../src/protocol.c:180:7
    #8 0x5485b2 in receive_meta /home/runner/work/tinc/tinc/openssl3/../src/meta.c:308:19
    #9 0x4d1c18 in handle_meta_connection_data /home/runner/work/tinc/tinc/openssl3/../src/net.c:305:6
    #10 0x4fa3cc in handle_meta_io /home/runner/work/tinc/tinc/openssl3/../src/net_socket.c:560:3
    #11 0x4cfbe3 in event_loop /home/runner/work/tinc/tinc/openssl3/../src/event.c:453:5
    #12 0x4d4127 in main_loop /home/runner/work/tinc/tinc/openssl3/../src/net.c:508:6
    #13 0x4cbe24 in main /home/runner/work/tinc/tinc/openssl3/../src/tincd.c:702:11
    #14 0x7f1900c1e082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
    #15 0x41eafd in _start (/home/runner/work/tinc/tinc/openssl3/src/tincd+0x41eafd)

0x000000e9de00 is located 0 bytes inside of global variable 'pingtimer' defined in '../src/net.c:44:18' (0xe9de00) of size 80
0x608000000db0 is located 16 bytes inside of 96-byte region [0x608000000da0,0x608000000e00)
allocated by thread T0 here:
    #0 0x499ed2 in calloc (/home/runner/work/tinc/tinc/openssl3/src/tincd+0x499ed2)
    #1 0x4fc6a9 in xzalloc /home/runner/work/tinc/tinc/openssl3/../src/xalloc.h:41:12
    #2 0x4fbfb0 in try_outgoing_connections /home/runner/work/tinc/tinc/openssl3/../src/net_socket.c:855:27
    #3 0x4d31ac in reload_configuration /home/runner/work/tinc/tinc/openssl3/../src/net.c:435:2
    #4 0x53f2bd in control_h /home/runner/work/tinc/tinc/openssl3/../src/control.c:101:16
    #5 0x500a44 in receive_request /home/runner/work/tinc/tinc/openssl3/../src/protocol.c:180:7
    #6 0x5485b2 in receive_meta /home/runner/work/tinc/tinc/openssl3/../src/meta.c:308:19
    #7 0x4d1c18 in handle_meta_connection_data /home/runner/work/tinc/tinc/openssl3/../src/net.c:305:6
    #8 0x4fa3cc in handle_meta_io /home/runner/work/tinc/tinc/openssl3/../src/net_socket.c:560:3
    #9 0x4cfbe3 in event_loop /home/runner/work/tinc/tinc/openssl3/../src/event.c:453:5
    #10 0x4d4127 in main_loop /home/runner/work/tinc/tinc/openssl3/../src/net.c:508:6
    #11 0x4cbe24 in main /home/runner/work/tinc/tinc/openssl3/../src/tincd.c:702:11
    #12 0x7f1900c1e082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)

diff --git a/src/event.c b/src/event.c
index 56d8fa9..05ddb47 100644 (file)
--- a/src/event.c
+++ b/src/event.c
@@ -60,11 +60,14 @@ static int timeout_compare(const timeout_t *a, const timeout_t *b) {
                return 1;
        }
 
-       if(a < b) {
+       uintptr_t ap = (uintptr_t)a;
+       uintptr_t bp = (uintptr_t)b;
+
+       if(ap < bp) {
                return -1;
        }
 
-       if(a > b) {
+       if(ap > bp) {
                return 1;
        }