Hi Andrey,
On Mon, Nov 12, 2018 at 3:21 AM Andrey V. Elsukov <[email protected]> wrote:
>
> Author: ae
> Date: Mon Nov 12 11:20:59 2018
> New Revision: 340360
> URL: https://svnweb.freebsd.org/changeset/base/340360
>
> Log:
> Add ability to use dynamic external prefix in ipfw_nptv6 module.
>
> ...
> Modified: head/sbin/ipfw/nptv6.c
> ==============================================================================
> --- head/sbin/ipfw/nptv6.c Mon Nov 12 07:14:34 2018 (r340359)
> +++ head/sbin/ipfw/nptv6.c Mon Nov 12 11:20:59 2018 (r340360)
> ...
> @@ -245,13 +261,14 @@ check_prefix:
> if ((flags & NPTV6_HAS_INTPREFIX) != NPTV6_HAS_INTPREFIX)
> errx(EX_USAGE, "int_prefix required");
> if ((flags & NPTV6_HAS_EXTPREFIX) != NPTV6_HAS_EXTPREFIX)
> - errx(EX_USAGE, "ext_prefix required");
> + errx(EX_USAGE, "ext_prefix or ext_if required");
> if ((flags & NPTV6_HAS_PREFIXLEN) != NPTV6_HAS_PREFIXLEN)
> errx(EX_USAGE, "prefixlen required");
>
> n2mask(&mask, cfg->plen);
> APPLY_MASK(&cfg->internal, &mask);
> - APPLY_MASK(&cfg->external, &mask);
> + if ((cfg->flags & NPTV6_DYNAMIC_PREFIX) == 0)
> + APPLY_MASK(&cfg->external, &mask);
Coverity points out that APPLY_MASK() is a macro composed of multiple
statements, and only the first statement will be conditional on the if
() expression. This means that effectively, the final three words of
mask will be applied to cfg->external unconditionally. CID is
1396914.
I would suggest using the do { } while (0) construct in the APPLY_MASK
macro to fix the issue.
Best,
Conrad
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "[email protected]"
