Fix misaligned read of CK_ULONG via void pointer.#860

Open
citypw wants to merge 1 commit intosofthsm:mainfrom
citypw:bug-fixes

Conversation

@citypw citypw commented Apr 15, 2026

The PKCS#11 spec defines pValue as CK_VOID_PTR, which carries no alignment guarantee. Casting directly to CK_ULONG_PTR and dereferencing invokes undefined behaviour when the pointer is not 8-byte aligned (UBSAN: load of misaligned address).

Replace the direct cast with memcpy(), which is the correct way to read an unaligned value in C/C++.

Summary by CodeRabbit

  • Bug Fixes
    • Fixed attribute matching in object initialization to properly handle unsigned-long value comparisons, improving reliability of attribute-based object lookups.

The PKCS#11 spec defines pValue as CK_VOID_PTR, which carries
no alignment guarantee. Casting directly to CK_ULONG_PTR and
dereferencing invokes undefined behaviour when the pointer is
not 8-byte aligned (UBSAN: load of misaligned address).

Replace the direct cast with memcpy(), which is the correct
way to read an unaligned value in C/C++.

Signed-off-by: Shawn C <citypw@hardenedlinux.org>
@citypw citypw requested a review from a team as a code owner April 15, 2026 15:35
coderabbitai bot commented Apr 15, 2026

No actionable comments were generated in the recent review. 🎉

📥 Commits

Reviewing files that changed from the base of the PR and between 5a3466f and 7019e0e.

📒 Files selected for processing (1)
  • src/lib/SoftHSM.cpp

Walkthrough

Modified the attribute value extraction in SoftHSM::C_FindObjectsInit to use memcpy for safe reading of unsigned-long template values instead of direct pointer dereferencing, eliminating type-punning while maintaining existing validation and control flow logic.

Changes

Cohort: Memory Safety Improvement
File(s): src/lib/SoftHSM.cpp
Summary: Replaced direct pointer dereferencing (pTemplate[i].pValue as CK_ULONG_PTR) with memcpy-based value extraction for unsigned-long attribute matching, avoiding undefined behavior from type punning while preserving length validation and match semantics.


Pre-merge checks (3 passed)
  • Description check: passed (check skipped because CodeRabbit's high-level summary is enabled).
  • Title check: passed. The title accurately summarizes the main change: fixing an unsafe misaligned read of a CK_ULONG value that was being dereferenced through a void pointer.
  • Docstring coverage: passed. Docstring coverage is 100.00%, above the required threshold of 80.00%.



citypw (Author) commented Apr 15, 2026

Reproducing: misaligned-access in pkcs11_findobj_fuzz
Input: /tmp/tmp.SAEICRuwLC (14 bytes)

[harness] PKCS#11 ready — RSA priv=2 ec_priv=4 aes=6
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 3094544292
INFO: Loaded 2 modules   (144449 inline 8-bit counters): 96 [0x64a2b086f030, 0x64a2b086f090), 144353 [0x7e684538f590, 0x7e68453b2971),
INFO: Loaded 2 PC tables (144449 PCs): 96 [0x64a2b086f090,0x64a2b086f690), 144353 [0x7e68453b2978,0x7e68455e6788),
/home/bughunting/pkcs11-fuzzer/harnesses/pkcs11_findobj_fuzz: Running 1 inputs 1 time(s) each.
Running: /tmp/tmp.SAEICRuwLC
/home/bughunting/pkcs11-fuzzer/src/softhsm2/src/lib/SoftHSM.cpp:2095:33: runtime error: load of misaligned address 0x502000007b36 for type 'CK_ULONG' (aka 'unsigned long'), which requires 8 byte alignment
0x502000007b36: note: pointer points here
 00 00 08 00 00 00  02 01 00 01 00 00 00 00  03 11 00 00 08 00 00 00  4e 09 00 00 00 00 00 00  52 09
             ^
    #0 0x7e6844855ddc in SoftHSM::C_FindObjectsInit(unsigned long, _CK_ATTRIBUTE*, unsigned long) /home/bughunting/pkcs11-fuzzer/src/softhsm2/src/lib/SoftHSM.cpp:2095:33
    #1 0x7e68447f64b7 in C_FindObjectsInit /home/bughunting/pkcs11-fuzzer/src/softhsm2/src/lib/main.cpp:527:24
    #2 0x64a2b0866e0b in LLVMFuzzerTestOneInput /home/bughunting/pkcs11-fuzzer/harnesses/pkcs11_findobj_fuzz.c:60:16
    #3 0x64a2b07731e4 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) crtstuff.c
    #4 0x64a2b075c2f6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) crtstuff.c
    #5 0x64a2b0761daa in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) crtstuff.c
    #6 0x64a2b078c5c6 in main (/home/bughunting/pkcs11-fuzzer/harnesses/pkcs11_findobj_fuzz+0xaf5c6) (BuildId: 48d85eb683de1a89)
    #7 0x7e684822a1c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #8 0x7e684822a28a in __libc_start_main csu/../csu/libc-start.c:360:3
    #9 0x64a2b0756ec4 in _start (/home/bughunting/pkcs11-fuzzer/harnesses/pkcs11_findobj_fuzz+0x79ec4) (BuildId: 48d85eb683de1a89)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/bughunting/pkcs11-fuzzer/src/softhsm2/src/lib/SoftHSM.cpp:2095:33
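The PR description explains the fix (read the CK_ULONG through memcpy instead of a cast) and the UBSAN report above shows the failure it addresses: a template pValue that does not sit on a CK_ULONG boundary. The following C++ is an added example, not SoftHSM's code and not the PR's diff. It declares its own stand-ins for CK_ULONG, CK_VOID_PTR and CK_ATTRIBUTE (mirroring the PKCS#11 layout, but not taken from pkcs11.h), a hypothetical helper makeAttrAt that packs a value at a chosen byte offset the way a caller-supplied template might, and constructed sample values. It puts the 'before' reader (cast and dereference) beside the 'after' reader (memcpy into an aligned local) and keeps the ulValueLen check the walkthrough says the patch preserves.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Stand-ins for the PKCS#11 types discussed in the PR.  They mirror the
// standard definitions but are declared here so the example builds without
// pkcs11.h (assumption for this example, not SoftHSM's headers).
typedef unsigned long CK_ULONG;
typedef CK_ULONG *CK_ULONG_PTR;
typedef void *CK_VOID_PTR;

struct CK_ATTRIBUTE {
    CK_ULONG type;
    CK_VOID_PTR pValue;
    CK_ULONG ulValueLen;
};

static const CK_ULONG CKA_CLASS = 0x00000000UL;
static const CK_ULONG CKO_SECRET_KEY = 0x00000004UL;

// 'Before' pattern: cast the void pointer and dereference.  If pValue is not
// aligned for CK_ULONG this is undefined behaviour; -fsanitize=alignment
// reports it as "load of misaligned address".  Kept only for comparison.
bool matchUlongByCast(const CK_ATTRIBUTE &attr, CK_ULONG expected) {
    if (attr.pValue == NULL || attr.ulValueLen != sizeof(CK_ULONG)) return false;
    return *(CK_ULONG_PTR)attr.pValue == expected;
}

// 'After' pattern: copy the bytes into an aligned local first.  The length
// check is preserved; memcpy is well-defined for any source alignment and
// compiles to an unaligned load on targets that support one.
bool matchUlongByMemcpy(const CK_ATTRIBUTE &attr, CK_ULONG expected) {
    if (attr.pValue == NULL || attr.ulValueLen != sizeof(CK_ULONG)) return false;
    CK_ULONG value;
    std::memcpy(&value, attr.pValue, sizeof(value));
    return value == expected;
}

// True when p satisfies the alignment CK_ULONG requires on this target.
bool isAlignedForUlong(const void *p) {
    return reinterpret_cast<std::uintptr_t>(p) % alignof(CK_ULONG) == 0;
}

// Hypothetical helper: store 'value' at byte 'offset' of buf and return an
// attribute whose pValue points at it, as a template packed into a byte
// stream by a caller (or a fuzzer) would.  buf needs offset + sizeof(CK_ULONG).
CK_ATTRIBUTE makeAttrAt(unsigned char *buf, std::size_t offset, CK_ULONG value) {
    std::memcpy(buf + offset, &value, sizeof(value));
    CK_ATTRIBUTE a;
    a.type = CKA_CLASS;
    a.pValue = buf + offset;
    a.ulValueLen = sizeof(CK_ULONG);
    return a;
}

// Constructed input: an aligned 32-byte buffer.  Offset 2 gives a misaligned
// pValue on any target where alignof(CK_ULONG) > 2; offset 8 an aligned one.
bool pValueAtOffsetIsAligned(std::size_t offset) {
    alignas(CK_ULONG) unsigned char buf[32] = {0};
    CK_ATTRIBUTE a = makeAttrAt(buf, offset, CKO_SECRET_KEY);
    return isAlignedForUlong(a.pValue);
}

// The memcpy reader recovers the stored value whatever the offset.
bool memcpyMatchAtOffset(std::size_t offset, CK_ULONG stored, CK_ULONG expected) {
    alignas(CK_ULONG) unsigned char buf[32] = {0};
    CK_ATTRIBUTE a = makeAttrAt(buf, offset, stored);
    return matchUlongByMemcpy(a, expected);
}

// A template whose ulValueLen is not sizeof(CK_ULONG) must not match with
// either reader; the fix keeps that check in front of the read.
bool wrongLengthIsRejected() {
    alignas(CK_ULONG) unsigned char buf[32] = {0};
    CK_ATTRIBUTE a = makeAttrAt(buf, 0, CKO_SECRET_KEY);
    a.ulValueLen = sizeof(CK_ULONG) - 1;
    return !matchUlongByCast(a, CKO_SECRET_KEY) && !matchUlongByMemcpy(a, CKO_SECRET_KEY);
}

int main() {
    alignas(CK_ULONG) unsigned char buf[32] = {0};
    CK_ATTRIBUTE misaligned = makeAttrAt(buf, 2, CKO_SECRET_KEY);
    // Well-defined on every target:
    bool ok = matchUlongByMemcpy(misaligned, CKO_SECRET_KEY);
    // Undefined: build with  clang++ -std=c++11 -fsanitize=alignment  to get
    // the "load of misaligned address" report; on strict-alignment hardware
    // this line can fault outright.
    bool ub = matchUlongByCast(misaligned, CKO_SECRET_KEY);
    return (ok && ub) ? 0 : 1;
}
```

The cast version happens to return the right answer on x86-64 without a sanitizer, which is why this class of bug survives until a fuzzer with -fsanitize=alignment drives an odd pValue into the code; the memcpy version is the one whose result the language actually guarantees.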
