diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2022-09-19 22:15:04 +0200 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2022-09-22 16:54:09 +0200 |
| commit | 4a1b67527862c687f523470bda441a954d00a9af (patch) | |
| tree | c52df22893fa42f3a82f0b49dda21a5806a38343 /tcp.h | |
| parent | d30bde3181a3d3aac406a15fd6c905612c8e416c (diff) | |
| download | passt-4a1b67527862c687f523470bda441a954d00a9af.tar passt-4a1b67527862c687f523470bda441a954d00a9af.tar.gz passt-4a1b67527862c687f523470bda441a954d00a9af.tar.bz2 passt-4a1b67527862c687f523470bda441a954d00a9af.tar.lz passt-4a1b67527862c687f523470bda441a954d00a9af.tar.xz passt-4a1b67527862c687f523470bda441a954d00a9af.tar.zst passt-4a1b67527862c687f523470bda441a954d00a9af.zip | |
conf, tcp, udp: Arrays for ports need 2^16 values, not 2^16-8
Reported by David but also by Coverity (CWE-119):
In conf_ports: Out-of-bounds access to a buffer
...not in practice, because the allocation size is rounded up
anyway, but not nice either.
Reported-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'tcp.h')
| -rw-r--r-- | tcp.h | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -69,9 +69,9 @@ struct tcp_ctx { uint64_t hash_secret[2]; int conn_count; int splice_conn_count; - uint8_t port_to_tap [USHRT_MAX / 8]; + uint8_t port_to_tap [DIV_ROUND_UP(USHRT_MAX, 8)]; int init_detect_ports; - uint8_t port_to_init [USHRT_MAX / 8]; + uint8_t port_to_init [DIV_ROUND_UP(USHRT_MAX, 8)]; int ns_detect_ports; struct timespec timer_run; #ifdef HAS_SND_WND |