git: bc50720b3216 - stable/13 - tcp_lro: Fix for undefined behaviour.

From: Ed Maste <emaste_at_FreeBSD.org>
Date: Tue, 01 Aug 2023 18:29:45 UTC
The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=bc50720b321667c71d77d3f0c692a59c77f955da

commit bc50720b321667c71d77d3f0c692a59c77f955da
Author:     Hans Petter Selasky <hselasky@FreeBSD.org>
AuthorDate: 2022-11-28 22:56:16 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-08-01 17:13:06 +0000

    tcp_lro: Fix for undefined behaviour.
    
    Make sure the size of the raw[] array in the lro_address union is
    correctly set at compile time, so that static code analysis tools
    do not report undefined behaviour.
    
    PR:             265664
    Sponsored by:   NVIDIA Networking
    
    (cherry picked from commit e0d8add4af0be1d37ede9a16f46424dc08f0d95e)
---
 sys/netinet/tcp_lro.h | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/sys/netinet/tcp_lro.h b/sys/netinet/tcp_lro.h
index 2b0555027266..f3099d16bc1a 100644
--- a/sys/netinet/tcp_lro.h
+++ b/sys/netinet/tcp_lro.h
@@ -34,6 +34,8 @@
 #define _TCP_LRO_H_
 
 #include <sys/time.h>
+#include <sys/param.h>
+
 #include <netinet/in.h>
 
 #ifndef TCP_LRO_ENTRIES
@@ -65,8 +67,12 @@
 
 struct inpcb;
 
+/* Precompute the LRO_RAW_ADDRESS_MAX value: */
+#define	LRO_RAW_ADDRESS_MAX \
+	howmany(12 + 2 * sizeof(struct in6_addr), sizeof(u_long))
+
 union lro_address {
-	u_long raw[1];
+	u_long raw[LRO_RAW_ADDRESS_MAX];
 	struct {
 		uint8_t lro_type;	/* internal */
 #define	LRO_TYPE_NONE     0
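Review bot: The literal `12` in the new `LRO_RAW_ADDRESS_MAX` definition is undocumented; it presumably stands for the bytes of the fixed fields that precede `s_addr`/`d_addr`, most of which lie outside this hunk. The `_Static_assert` added later in the patch does catch drift at compile time, but the message gives a maintainer no hint which number to change, so I would replace the comment with something like `/* 12 = size of the fields before s_addr/d_addr; must match the struct below, checked by _Static_assert */`. Separately, where `u_long` is 8 bytes, `howmany()` rounds 44 up to 6 words, so `raw[]` spans 4 trailing bytes that belong to no named field. Any code that compares or hashes via `raw[]` depends on the whole union being zeroed first, which is worth stating in a comment on the union if it is not already documented.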
@@ -89,10 +95,10 @@ union lro_address {
 			struct in6_addr v6;
 		} d_addr;	/* destination IPv4/IPv6 address */
 	};
-} __aligned(sizeof(u_long));
+};
 
-#define	LRO_RAW_ADDRESS_MAX \
-    (sizeof(union lro_address) / sizeof(u_long))
+_Static_assert(sizeof(union lro_address) == sizeof(u_long) * LRO_RAW_ADDRESS_MAX,
+    "The raw field in the lro_address union does not cover the whole structure.");
 
 /* Optimize address comparison by comparing one unsigned long at a time: */