On Fri, Jan 18, 2019 at 1:49 AM Li RongQing <[email protected]> wrote:
> It has been assured that both first and second int from ftp > command are not bigger than 255, so their combination(first > int << 8 +second int) must not bigger than 65535 > > Signed-off-by: Wang Li <[email protected]> > Signed-off-by: Li RongQing <[email protected]> > --- > lib/conntrack.c | 7 +------ > 1 file changed, 1 insertion(+), 6 deletions(-) > > diff --git a/lib/conntrack.c b/lib/conntrack.c > index 6f6021a97..11a1e05bd 100644 > --- a/lib/conntrack.c > +++ b/lib/conntrack.c > @@ -2987,12 +2987,7 @@ process_ftp_ctl_v4(struct conntrack *ct, > return CT_FTP_CTL_INVALID; > } > > - uint16_t port_lo_hs = value; > - if (65535 - port_hs < port_lo_hs) { > - return CT_FTP_CTL_INVALID; > - } > - > - port_hs |= port_lo_hs; > + port_hs |= value; > This was intentionally done to be documentative and also make it hard to break; this code path sees a tiny number of packets. I am not sure there is much to gain by removing it and adding in lieu of comments ? > ovs_be16 port = htons(port_hs); > ovs_be32 conn_ipv4_addr; > > -- > 2.16.2 > > _______________________________________________ > dev mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
