* [iptables PATCH] extensions: libxt_sctp: Add an extra assert()
@ 2024-05-17 13:25 Phil Sutter
0 siblings, 0 replies; 3+ messages in thread
From: Phil Sutter @ 2024-05-17 13:25 UTC (permalink / raw)
To: netfilter-devel
The code is sane, but this keeps popping up in static code analyzers.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
extensions/libxt_sctp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 6e2b2745dcbd5..e8312f0c8abe9 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -7,6 +7,7 @@
* libipt_ecn.c borrowed heavily from libipt_dscp.c
*
*/
+#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
@@ -354,6 +355,7 @@ print_chunk_flags(uint32_t chunknum, uint8_t chunk_flags, uint8_t chunk_flags_ma
for (i = 7; i >= 0; i--) {
if (chunk_flags_mask & (1 << i)) {
+ assert(chunknum < ARRAY_SIZE(sctp_chunk_names));
if (chunk_flags & (1 << i)) {
printf("%c", sctp_chunk_names[chunknum].valid_flags[7-i]);
} else {
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [iptables PATCH] extensions: libxt_sctp: Add an extra assert()
@ 2024-06-12 12:41 Phil Sutter
2024-06-12 20:44 ` Phil Sutter
0 siblings, 1 reply; 3+ messages in thread
From: Phil Sutter @ 2024-06-12 12:41 UTC (permalink / raw)
To: netfilter-devel
The code is sane, but this keeps popping up in static code analyzers.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
extensions/libxt_sctp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 6e2b2745dcbd5..e8312f0c8abe9 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -7,6 +7,7 @@
* libipt_ecn.c borrowed heavily from libipt_dscp.c
*
*/
+#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
@@ -354,6 +355,7 @@ print_chunk_flags(uint32_t chunknum, uint8_t chunk_flags, uint8_t chunk_flags_ma
for (i = 7; i >= 0; i--) {
if (chunk_flags_mask & (1 << i)) {
+ assert(chunknum < ARRAY_SIZE(sctp_chunk_names));
if (chunk_flags & (1 << i)) {
printf("%c", sctp_chunk_names[chunknum].valid_flags[7-i]);
} else {
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [iptables PATCH] extensions: libxt_sctp: Add an extra assert()
2024-06-12 12:41 [iptables PATCH] extensions: libxt_sctp: Add an extra assert() Phil Sutter
@ 2024-06-12 20:44 ` Phil Sutter
0 siblings, 0 replies; 3+ messages in thread
From: Phil Sutter @ 2024-06-12 20:44 UTC (permalink / raw)
To: netfilter-devel
On Wed, Jun 12, 2024 at 02:41:08PM +0200, Phil Sutter wrote:
> The code is sane, but this keeps popping up in static code analyzers.
>
> Signed-off-by: Phil Sutter <phil@nwl.cc>
Patch applied.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-06-12 20:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-06-12 12:41 [iptables PATCH] extensions: libxt_sctp: Add an extra assert() Phil Sutter
2024-06-12 20:44 ` Phil Sutter
-- strict thread matches above, loose matches on Subject: below --
2024-05-17 13:25 Phil Sutter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).