Message ID | 20190826125017.9513-1-thuth@redhat.com |
---|---|
State | Accepted |
Headers | show |
Series | libnet: Fix the check of the argument lengths of the "ping" command | expand |
On 26/08/2019 22:50, Thomas Huth wrote: > The current if-condition can never be true. Nice one. How did you catch it? I'd expect gcc to yell but mine (v7.4.0) does not. Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru> > > Buglink: https://bugs.launchpad.net/qemu/+bug/1840646 > Signed-off-by: Thomas Huth <thuth@redhat.com> > --- > lib/libnet/ping.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/lib/libnet/ping.c b/lib/libnet/ping.c > index 051269f..51db061 100644 > --- a/lib/libnet/ping.c > +++ b/lib/libnet/ping.c > @@ -119,7 +119,7 @@ int ping(char *args_fs, int alen) > > memset(&ping_args, 0, sizeof(struct ping_args)); > > - if (alen <= 0 && alen >= sizeof(args) - 1) { > + if (alen <= 0 || alen >= sizeof(args) - 1) { > usage(); > return -1; > } >
On 27/08/2019 04.00, Alexey Kardashevskiy wrote: > > > On 26/08/2019 22:50, Thomas Huth wrote: >> The current if-condition can never be true. > > Nice one. How did you catch it? I didn't catch it but a user who reported it on launchpad: https://bugs.launchpad.net/qemu/+bug/1840646 I think a tool like "cppcheck" was used here to scan the sources. Thomas
diff --git a/lib/libnet/ping.c b/lib/libnet/ping.c index 051269f..51db061 100644 --- a/lib/libnet/ping.c +++ b/lib/libnet/ping.c @@ -119,7 +119,7 @@ int ping(char *args_fs, int alen) memset(&ping_args, 0, sizeof(struct ping_args)); - if (alen <= 0 && alen >= sizeof(args) - 1) { + if (alen <= 0 || alen >= sizeof(args) - 1) { usage(); return -1; }
The current if-condition can never be true. Buglink: https://bugs.launchpad.net/qemu/+bug/1840646 Signed-off-by: Thomas Huth <thuth@redhat.com> --- lib/libnet/ping.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)