From 850bb9c15d39dcbefb0849955f4f09382f587c20 Mon Sep 17 00:00:00 2001

From: Stefano Brivio <sbrivio@redhat.com>

Date: Mon, 27 Feb 2023 02:45:42 +0100

Subject: [PATCH 04/20] tcp, tcp_splice: Get rid of false positive CWE-394

 Coverity warning from fls()

We use the return value of fls() as array index for debug strings.

While fls() can return -1 (if no bit is set), Coverity Scan doesn't

see that we're first checking the return value of another fls() call

with the same bitmask, before using it.

Call fls() once, store its return value, check it, and use the stored

value as array index.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

(cherry picked from commit 5474bc5485d814acae19961f9a9cd4b541722a5e)

---

 tcp.c        | 12 ++++++++----

 tcp_splice.c | 24 ++++++++++++++++--------

 2 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/tcp.c b/tcp.c

index 803c2c4..c62fe44 100644

--- a/tcp.c

+++ b/tcp.c

@@ -743,15 +743,19 @@ static void conn_flag_do(const struct ctx *c, struct tcp_tap_conn *conn,

 			 unsigned long flag)

 {

 	if (flag & (flag - 1)) {

+		int flag_index = fls(~flag);

+

 		if (!(conn->flags & ~flag))

 			return;

 		conn->flags &= flag;

-		if (fls(~flag) >= 0) {

+		if (flag_index >= 0) {

 			debug("TCP: index %li: %s dropped", CONN_IDX(conn),

-			      tcp_flag_str[fls(~flag)]);

+			      tcp_flag_str[flag_index]);

 		}

 	} else {

+		int flag_index = fls(~flag);

+

 		if (conn->flags & flag) {

 			/* Special case: setting ACK_FROM_TAP_DUE on a

 			 * connection where it's already set is used to

@@ -766,9 +770,9 @@ static void conn_flag_do(const struct ctx *c, struct tcp_tap_conn *conn,

 		}

 		conn->flags |= flag;

-		if (fls(flag) >= 0) {

+		if (flag_index >= 0) {

 			debug("TCP: index %li: %s", CONN_IDX(conn),

-			      tcp_flag_str[fls(flag)]);

+			      tcp_flag_str[flag_index]);

 		}

 	}

diff --git a/tcp_splice.c b/tcp_splice.c

index 84f855e..67af46b 100644

--- a/tcp_splice.c

+++ b/tcp_splice.c

@@ -127,22 +127,26 @@ static void conn_flag_do(const struct ctx *c, struct tcp_splice_conn *conn,

 			 unsigned long flag)

 {

 	if (flag & (flag - 1)) {

+		int flag_index = fls(~flag);

+

 		if (!(conn->flags & ~flag))

 			return;

 		conn->flags &= flag;

-		if (fls(~flag) >= 0) {

+		if (flag_index >= 0) {

 			debug("TCP (spliced): index %li: %s dropped", CONN_IDX(conn),

-			      tcp_splice_flag_str[fls(~flag)]);

+			      tcp_splice_flag_str[flag_index]);

 		}

 	} else {

+		int flag_index = fls(flag);

+

 		if (conn->flags & flag)

 			return;

 		conn->flags |= flag;

-		if (fls(flag) >= 0) {

+		if (flag_index >= 0) {

 			debug("TCP (spliced): index %li: %s", CONN_IDX(conn),

-			      tcp_splice_flag_str[fls(flag)]);

+			      tcp_splice_flag_str[flag_index]);

 		}

 	}

@@ -207,22 +211,26 @@ static void conn_event_do(const struct ctx *c, struct tcp_splice_conn *conn,

 			  unsigned long event)

 {

 	if (event & (event - 1)) {

+		int flag_index = fls(~event);

+

 		if (!(conn->events & ~event))

 			return;

 		conn->events &= event;

-		if (fls(~event) >= 0) {

+		if (flag_index >= 0) {

 			debug("TCP (spliced): index %li, ~%s", CONN_IDX(conn),

-			      tcp_splice_event_str[fls(~event)]);

+			      tcp_splice_event_str[flag_index]);

 		}

 	} else {

+		int flag_index = fls(event);

+

 		if (conn->events & event)

 			return;

 		conn->events |= event;

-		if (fls(event) >= 0) {

+		if (flag_index >= 0) {

 			debug("TCP (spliced): index %li, %s", CONN_IDX(conn),

-			      tcp_splice_event_str[fls(event)]);

+			      tcp_splice_event_str[flag_index]);

 		}

 	}

-- 

2.39.2