| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250306112520.188728-1-torben.nielsen@prevas.dk>
Date: Thu, 6 Mar 2025 12:25:19 +0100
From: Torben Nielsen <t8927095@...il.com>
To: netdev@...r.kernel.org
Cc: Torben Nielsen <torben.nielsen@...vas.dk>
Subject: [PATCH iproute2-next] tc: nat: Fix mask calculation
In parse_nat_args the network mask is calculated as
sel->mask = htonl(~0u << (32 - addr.bitlen));
According to ISO/IEC 9899:TC3 6.5.7 Bitwise shift operators:
The integer promotions are performed on each of the operands.
The type of the result is that of the promoted left operand.
If the value of the right operand is negative or is greater
than or equal to the width of the promoted left operand,
the behavior is undefined
Specifically this means that the mask is undefined for
addr.bitlen = 0
On x86_64 the result is 0xffffffff, on armv7l it is 0.
Promoting the left operand of the shift operator solves this issue.
Signed-off-by: Torben Nielsen <torben.nielsen@...vas.dk>
---
tc/m_nat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/m_nat.c b/tc/m_nat.c
index 69d54c6f..da947aea 100644
--- a/tc/m_nat.c
+++ b/tc/m_nat.c
@@ -55,7 +55,7 @@ parse_nat_args(int *argc_p, char ***argv_p, struct tc_nat *sel)
goto bad_val;
sel->old_addr = addr.data[0];
- sel->mask = htonl(~0u << (32 - addr.bitlen));
+ sel->mask = htonl(~(uint64_t)0 << (32 - addr.bitlen));
NEXT_ARG();
--
2.43.0
Powered by blists - more mailing lists