Skip to content

Commit

Permalink
netfilter: ipset: Removed invalid IPSET_ATTR_MARKMASK validation
Browse files Browse the repository at this point in the history
Markmask is an u32, hence it can't be greater then 4294967295 ( i.e.
0xffffffff ). This was causing smatch warning:
 net/netfilter/ipset/ip_set_hash_gen.h:1084 hash_ipmark_create() warn:
 impossible condition '(markmask > 4294967295) => (0-u32max > u32max)'

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
  • Loading branch information
Vytas Dauksa authored and Jozsef Kadlecsik committed Aug 24, 2014
1 parent afc5be3 commit ecc245c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/netfilter/ipset/ip_set_hash_gen.h
Original file line number Diff line number Diff line change
Expand Up @@ -1093,7 +1093,7 @@ IPSET_TOKEN(HTYPE, _create)(struct net *net, struct ip_set *set,
if (tb[IPSET_ATTR_MARKMASK]) {
markmask = ntohl(nla_get_u32(tb[IPSET_ATTR_MARKMASK]));

if ((markmask > 4294967295u) || markmask == 0)
if (markmask == 0)
return -IPSET_ERR_INVALID_MARKMASK;
}
#endif
Expand Down

0 comments on commit ecc245c

Please sign in to comment.