From: Martin KaFai Lau <martin.lau@xxxxxxxxx> Date: Tue, 20 Aug 2024 17:11:48 -0700 > On 8/19/24 12:42 PM, Kuniyuki Iwashima wrote: > > Smatch reported a possible off-by-one in tcp_validate_cookie(). > > > > However, it's false positive because the possible range of mssind is > > limited from 0 to 3 by the preceding calculation. > > > > mssind = (cookie & (3 << 6)) >> 6; > > > > There's no real issue, but let's make Smatch happy to suppress the same > > reports. > > > > Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > > Closes: https://lore.kernel.org/bpf/6ae12487-d3f1-488b-9514-af0dac96608f@stanley.mountain/ > > Signed-off-by: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx> > > --- > > tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c b/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c > > index 44ee0d037f95..36b842133033 100644 > > --- a/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c > > +++ b/tools/testing/selftests/bpf/progs/test_tcp_custom_syncookie.c > > @@ -487,12 +487,12 @@ static int tcp_validate_cookie(struct tcp_syncookie *ctx) > > > > mssind = (cookie & (3 << 6)) >> 6; > > This should have bound the mssind. > > > if (ctx->ipv4) { > > - if (mssind > ARRAY_SIZE(msstab4)) > > + if (mssind >= ARRAY_SIZE(msstab4)) > > Does the verifier complain without this if check? It didn't :) I'll remove the checks in v2. Thanks!
