131 lines
3.5 KiB
Diff
131 lines
3.5 KiB
Diff
From 850bb9c15d39dcbefb0849955f4f09382f587c20 Mon Sep 17 00:00:00 2001
|
|
From: Stefano Brivio <sbrivio@redhat.com>
|
|
Date: Mon, 27 Feb 2023 02:45:42 +0100
|
|
Subject: [PATCH 04/20] tcp, tcp_splice: Get rid of false positive CWE-394
|
|
Coverity warning from fls()
|
|
|
|
We use the return value of fls() as array index for debug strings.
|
|
|
|
While fls() can return -1 (if no bit is set), Coverity Scan doesn't
|
|
see that we're first checking the return value of another fls() call
|
|
with the same bitmask, before using it.
|
|
|
|
Call fls() once, store its return value, check it, and use the stored
|
|
value as array index.
|
|
|
|
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
|
|
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
|
|
(cherry picked from commit 5474bc5485d814acae19961f9a9cd4b541722a5e)
|
|
---
|
|
tcp.c | 12 ++++++++----
|
|
tcp_splice.c | 24 ++++++++++++++++--------
|
|
2 files changed, 24 insertions(+), 12 deletions(-)
|
|
|
|
diff --git a/tcp.c b/tcp.c
|
|
index 803c2c4..c62fe44 100644
|
|
--- a/tcp.c
|
|
+++ b/tcp.c
|
|
@@ -743,15 +743,19 @@ static void conn_flag_do(const struct ctx *c, struct tcp_tap_conn *conn,
|
|
unsigned long flag)
|
|
{
|
|
if (flag & (flag - 1)) {
|
|
+ int flag_index = fls(~flag);
|
|
+
|
|
if (!(conn->flags & ~flag))
|
|
return;
|
|
|
|
conn->flags &= flag;
|
|
- if (fls(~flag) >= 0) {
|
|
+ if (flag_index >= 0) {
|
|
debug("TCP: index %li: %s dropped", CONN_IDX(conn),
|
|
- tcp_flag_str[fls(~flag)]);
|
|
+ tcp_flag_str[flag_index]);
|
|
}
|
|
} else {
|
|
+ int flag_index = fls(~flag);
|
|
+
|
|
if (conn->flags & flag) {
|
|
/* Special case: setting ACK_FROM_TAP_DUE on a
|
|
* connection where it's already set is used to
|
|
@@ -766,9 +770,9 @@ static void conn_flag_do(const struct ctx *c, struct tcp_tap_conn *conn,
|
|
}
|
|
|
|
conn->flags |= flag;
|
|
- if (fls(flag) >= 0) {
|
|
+ if (flag_index >= 0) {
|
|
debug("TCP: index %li: %s", CONN_IDX(conn),
|
|
- tcp_flag_str[fls(flag)]);
|
|
+ tcp_flag_str[flag_index]);
|
|
}
|
|
}
|
|
|
|
diff --git a/tcp_splice.c b/tcp_splice.c
|
|
index 84f855e..67af46b 100644
|
|
--- a/tcp_splice.c
|
|
+++ b/tcp_splice.c
|
|
@@ -127,22 +127,26 @@ static void conn_flag_do(const struct ctx *c, struct tcp_splice_conn *conn,
|
|
unsigned long flag)
|
|
{
|
|
if (flag & (flag - 1)) {
|
|
+ int flag_index = fls(~flag);
|
|
+
|
|
if (!(conn->flags & ~flag))
|
|
return;
|
|
|
|
conn->flags &= flag;
|
|
- if (fls(~flag) >= 0) {
|
|
+ if (flag_index >= 0) {
|
|
debug("TCP (spliced): index %li: %s dropped", CONN_IDX(conn),
|
|
- tcp_splice_flag_str[fls(~flag)]);
|
|
+ tcp_splice_flag_str[flag_index]);
|
|
}
|
|
} else {
|
|
+ int flag_index = fls(flag);
|
|
+
|
|
if (conn->flags & flag)
|
|
return;
|
|
|
|
conn->flags |= flag;
|
|
- if (fls(flag) >= 0) {
|
|
+ if (flag_index >= 0) {
|
|
debug("TCP (spliced): index %li: %s", CONN_IDX(conn),
|
|
- tcp_splice_flag_str[fls(flag)]);
|
|
+ tcp_splice_flag_str[flag_index]);
|
|
}
|
|
}
|
|
|
|
@@ -207,22 +211,26 @@ static void conn_event_do(const struct ctx *c, struct tcp_splice_conn *conn,
|
|
unsigned long event)
|
|
{
|
|
if (event & (event - 1)) {
|
|
+ int flag_index = fls(~event);
|
|
+
|
|
if (!(conn->events & ~event))
|
|
return;
|
|
|
|
conn->events &= event;
|
|
- if (fls(~event) >= 0) {
|
|
+ if (flag_index >= 0) {
|
|
debug("TCP (spliced): index %li, ~%s", CONN_IDX(conn),
|
|
- tcp_splice_event_str[fls(~event)]);
|
|
+ tcp_splice_event_str[flag_index]);
|
|
}
|
|
} else {
|
|
+ int flag_index = fls(event);
|
|
+
|
|
if (conn->events & event)
|
|
return;
|
|
|
|
conn->events |= event;
|
|
- if (fls(event) >= 0) {
|
|
+ if (flag_index >= 0) {
|
|
debug("TCP (spliced): index %li, %s", CONN_IDX(conn),
|
|
- tcp_splice_event_str[fls(event)]);
|
|
+ tcp_splice_event_str[flag_index]);
|
|
}
|
|
}
|
|
|
|
--
|
|
2.39.2
|
|
|