Smatch reported a possible off-by-one in tcp_validate_cookie(). However, it's false positive because the possible range of mssind is limited from 0 to 3 by the preceding calculation. mssind = (cookie & (3 << 6)) >> 6; There's no real issue, but let's make Smatch happy to suppress the same reports. Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Closes: https://lore.kernel.org/bpf/6ae12487-d3f1-488b-9514-af0dac96608f@stanley.mountain/ Signed-off-by: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx> --- tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c b/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c index 44ee0d037f95..36b842133033 100644 --- a/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c +++ b/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c @@ -487,12 +487,12 @@ static int tcp_validate_cookie(struct tcp_syncookie *ctx) mssind = (cookie & (3 << 6)) >> 6; if (ctx->ipv4) { - if (mssind > ARRAY_SIZE(msstab4)) + if (mssind >= ARRAY_SIZE(msstab4)) goto err; ctx->attrs.mss = msstab4[mssind]; } else { - if (mssind > ARRAY_SIZE(msstab6)) + if (mssind >= ARRAY_SIZE(msstab6)) goto err; ctx->attrs.mss = msstab6[mssind]; -- 2.30.2
