Date: Tue, 20 Nov 2018 10:14:04 -0800 From: Conrad Meyer <cem@freebsd.org> To: "Andrey V. Elsukov" <ae@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r340360 - in head: sbin/ipfw sys/netinet6 sys/netpfil/ipfw/nptv6 Message-ID: <CAG6CVpU0F-ptJcD61FAVXrbRJzrjAuBEnpHORGZNp74U94o2Jw@mail.gmail.com> In-Reply-To: <201811121120.wACBKxMt061432@repo.freebsd.org> References: <201811121120.wACBKxMt061432@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Andrey, On Mon, Nov 12, 2018 at 3:21 AM Andrey V. Elsukov <ae@freebsd.org> wrote: > > Author: ae > Date: Mon Nov 12 11:20:59 2018 > New Revision: 340360 > URL: https://svnweb.freebsd.org/changeset/base/340360 > > Log: > Add ability to use dynamic external prefix in ipfw_nptv6 module. > > ... > Modified: head/sbin/ipfw/nptv6.c > ============================================================================== > --- head/sbin/ipfw/nptv6.c Mon Nov 12 07:14:34 2018 (r340359) > +++ head/sbin/ipfw/nptv6.c Mon Nov 12 11:20:59 2018 (r340360) > ... > @@ -245,13 +261,14 @@ check_prefix: > if ((flags & NPTV6_HAS_INTPREFIX) != NPTV6_HAS_INTPREFIX) > errx(EX_USAGE, "int_prefix required"); > if ((flags & NPTV6_HAS_EXTPREFIX) != NPTV6_HAS_EXTPREFIX) > - errx(EX_USAGE, "ext_prefix required"); > + errx(EX_USAGE, "ext_prefix or ext_if required"); > if ((flags & NPTV6_HAS_PREFIXLEN) != NPTV6_HAS_PREFIXLEN) > errx(EX_USAGE, "prefixlen required"); > > n2mask(&mask, cfg->plen); > APPLY_MASK(&cfg->internal, &mask); > - APPLY_MASK(&cfg->external, &mask); > + if ((cfg->flags & NPTV6_DYNAMIC_PREFIX) == 0) > + APPLY_MASK(&cfg->external, &mask); Coverity points out that APPLY_MASK() is a macro composed of multiple statements, and only the first statement will be conditional on the if () expression. This means that effectively, the final three words of mask will be applied to cfg->external unconditionally. CID is 1396914. I would suggest using the do { } while (0) construct in the APPLY_MASK macro to fix the issue. Best, Conrad
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG6CVpU0F-ptJcD61FAVXrbRJzrjAuBEnpHORGZNp74U94o2Jw>