[PATCH v2] ipv4: fib_rules: Fix possible infinite loop in fib_empty_table

From: YueHaibing
Date: Sat Dec 29 2018 - 01:46:34 EST

Next message: YueHaibing: "Re: [PATCH] ipv4: fib_rules: Fix possible infinite loop in fib_empty_table"
Previous message: Aisheng Dong: "RE: [RFC PATCH 1/1] PM / Domains: Add multi PM domains support for attach_dev"
Next in thread: David Miller: "Re: [PATCH v2] ipv4: fib_rules: Fix possible infinite loop in fib_empty_table"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

gcc warn this:
net/ipv4/fib_rules.c:203 fib_empty_table() warn:
always true condition '(id <= 4294967295) => (0-u32max <= u32max)'

'id' is u32, which always not greater than RT_TABLE_MAX
(0xFFFFFFFF), So add a check to break while wrap around.

Signed-off-by: YueHaibing <yuehaibing@xxxxxxxxxx>
---
v2: clean up exit conditions
---
net/ipv4/fib_rules.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c
index f8eb78d..cfec3af 100644
--- a/net/ipv4/fib_rules.c
+++ b/net/ipv4/fib_rules.c
@@ -198,11 +198,15 @@ static int fib4_rule_match(struct fib_rule *rule, struct flowi *fl, int flags)

static struct fib_table *fib_empty_table(struct net *net)
{
- u32 id;
+ u32 id = 1;

- for (id = 1; id <= RT_TABLE_MAX; id++)
+ while (1) {
if (!fib_get_table(net, id))
return fib_new_table(net, id);
+
+ if (id++ == RT_TABLE_MAX)
+ break;
+ }
return NULL;
}

--
2.7.4

Next message: YueHaibing: "Re: [PATCH] ipv4: fib_rules: Fix possible infinite loop in fib_empty_table"
Previous message: Aisheng Dong: "RE: [RFC PATCH 1/1] PM / Domains: Add multi PM domains support for attach_dev"
Next in thread: David Miller: "Re: [PATCH v2] ipv4: fib_rules: Fix possible infinite loop in fib_empty_table"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]