fix(android): prevent null pointer segfault on 32-bit platforms (#3619)

Without this alignment, accessing the `name` field reliably produces a segfault: ``` Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x1d in tid 13835 (Thread-7), pid 13757 (irezone.android) ``` Interestingly, this only happens in release builds on 32-bit platforms. Logging the returned name fixes it too which hints at some kind of optimisation issue. Adding a padding is the most reliable fix. Fixes: #3637. --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
2026-01-27 10:18:54 +00:00 · 2024-02-13 22:22:46 -08:00
parent b42f623ad6
commit 724a487a02
1 changed files with 6 additions and 1 deletions
--- a/rust/connlib/tunnel/src/device_channel/tun_android.rs
+++ b/rust/connlib/tunnel/src/device_channel/tun_android.rs
@@ -109,7 +109,12 @@ impl ioctl::Request<GetInterfaceNamePayload> {

 #[derive(Default)]
 #[repr(C)]
-struct GetInterfaceNamePayload;
+struct GetInterfaceNamePayload {
+    // Fixes a nasty alignment bug on 32-bit architectures on Android.
+    // The `name` field in `ioctl::Request` is only 16 bytes long and accessing it causes a NPE without this alignment.
+    // Why? Not sure. It seems to only happen in release mode which hints at an optimisation issue.
+    alignment: [std::ffi::c_uchar; 16],
+}

 /// Read from the given file descriptor in the buffer.
 fn read(fd: RawFd, dst: &mut [u8]) -> io::Result<usize> {