From 2a3b8dad33d4921a210062101f92f5fe9e349ef0 Mon Sep 17 00:00:00 2001 From: Stefano Brivio Date: Tue, 5 Apr 2022 12:51:00 +0200 Subject: tcp, tcp_splice: False "Negative array index read" positives, CWE-129 A flag or event bit is always set by callers. Reported by Coverity. Signed-by-off: Stefano Brivio --- tcp_splice.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'tcp_splice.c') diff --git a/tcp_splice.c b/tcp_splice.c index 7c19d99..1e24986 100644 --- a/tcp_splice.c +++ b/tcp_splice.c @@ -170,15 +170,19 @@ static void conn_flag_do(const struct ctx *c, struct tcp_splice_conn *conn, return; conn->flags &= flag; - debug("TCP (spliced): index %li: %s dropped", conn - tc, - tcp_splice_flag_str[fls(~flag)]); + if (fls(~flag) >= 0) { + debug("TCP (spliced): index %li: %s dropped", conn - tc, + tcp_splice_flag_str[fls(~flag)]); + } } else { if (conn->flags & flag) return; conn->flags |= flag; - debug("TCP (spliced): index %li: %s", conn - tc, - tcp_splice_flag_str[fls(flag)]); + if (fls(flag) >= 0) { + debug("TCP (spliced): index %li: %s", conn - tc, + tcp_splice_flag_str[fls(flag)]); + } } if (flag == CLOSING) @@ -250,15 +254,19 @@ static void conn_event_do(const struct ctx *c, struct tcp_splice_conn *conn, return; conn->events &= event; - debug("TCP (spliced): index %li, ~%s", conn - tc, - tcp_splice_event_str[fls(~event)]); + if (fls(~event) >= 0) { + debug("TCP (spliced): index %li, ~%s", conn - tc, + tcp_splice_event_str[fls(~event)]); + } } else { if (conn->events & event) return; conn->events |= event; - debug("TCP (spliced): index %li, %s", conn - tc, - tcp_splice_event_str[fls(event)]); + if (fls(event) >= 0) { + debug("TCP (spliced): index %li, %s", conn - tc, + tcp_splice_event_str[fls(event)]); + } } if (tcp_splice_epoll_ctl(c, conn)) -- cgit v1.2.3