[patch] ipvs: prevent some underflows

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Quite a few drivers allow very low settings for dev->mtu.  My static
checker complains this could cause some underflow problems when we do
the subtractions in set_sync_mesg_maxlen().

I don't know that it's harmful necessarily, but it seems like an easy
thing to prevent the underflows.

Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
Please review this one carefully, because I'm not very sure of myself
here.

diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index b08ba95..b4e148b 100644
--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -1352,7 +1352,7 @@ static int set_sync_mesg_maxlen(struct net *net, int sync_state)
 {
 	struct netns_ipvs *ipvs = net_ipvs(net);
 	struct net_device *dev;
-	int num;
+	unsigned int num;
 
 	if (sync_state == IP_VS_STATE_MASTER) {
 		dev = __dev_get_by_name(net, ipvs->master_mcast_ifn);
@@ -1363,7 +1363,8 @@ static int set_sync_mesg_maxlen(struct net *net, int sync_state)
 		       sizeof(struct udphdr) -
 		       SYNC_MESG_HEADER_LEN - 20) / SIMPLE_CONN_SIZE;
 		ipvs->send_mesg_maxlen = SYNC_MESG_HEADER_LEN +
-			SIMPLE_CONN_SIZE * min(num, MAX_CONNS_PER_SYNCBUFF);
+			SIMPLE_CONN_SIZE * min_t(uint, num,
+						 MAX_CONNS_PER_SYNCBUFF);
 		IP_VS_DBG(7, "setting the maximum length of sync sending "
 			  "message %d.\n", ipvs->send_mesg_maxlen);
 	} else if (sync_state == IP_VS_STATE_BACKUP) {
@@ -1371,8 +1372,11 @@ static int set_sync_mesg_maxlen(struct net *net, int sync_state)
 		if (!dev)
 			return -ENODEV;
 
-		ipvs->recv_mesg_maxlen = dev->mtu -
-			sizeof(struct iphdr) - sizeof(struct udphdr);
+		if (dev->mtu < sizeof(struct iphdr) + sizeof(struct udphdr))
+			ipvs->recv_mesg_maxlen = 0;
+		else
+			ipvs->recv_mesg_maxlen = dev->mtu -
+				sizeof(struct iphdr) - sizeof(struct udphdr);
 		IP_VS_DBG(7, "setting the maximum length of sync receiving "
 			  "message %d.\n", ipvs->recv_mesg_maxlen);
 	}
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux