Fix Coverity CID #89535: Bad bit shift operation

The (relatively) new scoped config option to phyint failed to check the configured masklen to be > 0, this caused potential bad input to the macro VAL_TO_MASK(). Added guards for 'masklen 0', or missing masklen in config. Signed-off-by: Joachim Nilsson <[email protected]>
troglobit · Apr 20, 2015 · 92b90e3 · 92b90e3
1 parent 69a5e34
commit 92b90e3
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/config.c b/config.c
@@ -543,14 +543,20 @@ static int parse_phyint(char *s)
 		    }
 		}
 
+		/* Invalid config. VAL_TO_MASK() also requires len > 0 or shift op will fail. */
+		if (!scoped_masklen) {
+		    WARN("Too small (0) scoped masklen for phyint %s", inet_fmt(local, s1, sizeof(s1)));
+		    continue;
+		}
+
 		v_acl = (struct vif_acl *)calloc(1, sizeof(struct vif_acl));
 		if (!v_acl)
 		    return FALSE;
 
 		VAL_TO_MASK(v_acl->acl_mask, scoped_masklen);
 		v_acl->acl_addr = scoped_addr & v_acl->acl_mask;
 		if (scoped_addr & ~v_acl->acl_mask)
-		    WARN("Boundary spec %s/%d has host bits set", inet_fmt(scoped_addr, s1, sizeof(s1)),scoped_masklen);
+		    WARN("Boundary spec %s/%d has host bits set", inet_fmt(scoped_addr, s1, sizeof(s1)), scoped_masklen);
 
 		v_acl->acl_next = v->uv_acl;
 		v->uv_acl = v_acl;