On 8/21/24 7:54 AM, Yonghong Song wrote:
On 8/20/24 6:34 PM, Kuniyuki Iwashima wrote:
Smatch reported a possible off-by-one in tcp_validate_cookie().
However, it's false positive because the possible range of mssind is
limited from 0 to 3 by the preceding calculation.
mssind = (cookie & (3 << 6)) >> 6;
Now, the verifier does not complain without the boundary check.
Let's remove the checks.
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Closes: https://lore.kernel.org/bpf/6ae12487-d3f1-488b-9514-
af0dac96608f@stanley.mountain/
Signed-off-by: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
Acked-by: Yonghong Song <yonghong.song@xxxxxxxxx>
Applied to bpf-next/net. Thanks.
