[libvirt PATCH v2 2/2] nwfilter: Fix timeout data type reported by coverity
Erik Skultety
eskultet at redhat.com
Tue Aug 23 16:22:37 UTC 2022
Coverity reports:
virNWFilterSnoopIPLeaseUpdate(virNWFilterSnoopIPLease *ipl,
time_t timeout)
{
if (timeout < ipl->timeout)
return; /* no take-backs */
virNWFilterSnoopIPLeaseTimerDel(ipl);
>>> CID 396747: High impact quality (Y2K38_SAFETY)
>>> A "time_t" value is stored in an integer with too few bits
to accommodate it. The expression "timeout" is cast to
"unsigned int".
ipl->timeout = timeout;
virNWFilterSnoopIPLeaseTimerAdd(ipl);
}
Given that it doesn't make sense for a timeout to be negative, let's
store it as unsigned long long and typecast all affected time_t
occurrences accordingly. Since the affected places only ever get the
current time which is not going to be negative (unless it's year 2038
and a 32bit architecture) we can safely cast them.
Signed-off-by: Erik Skultety <eskultet at redhat.com>
---
src/nwfilter/nwfilter_dhcpsnoop.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcpsnoop.c
index 18812c0b20..0977951be1 100644
--- a/src/nwfilter/nwfilter_dhcpsnoop.c
+++ b/src/nwfilter/nwfilter_dhcpsnoop.c
@@ -146,7 +146,7 @@ struct _virNWFilterSnoopIPLease {
virSocketAddr ipAddress;
virSocketAddr ipServer;
virNWFilterSnoopReq * snoopReq;
- unsigned int timeout;
+ unsigned long long timeout;
/* timer list */
virNWFilterSnoopIPLease *prev;
virNWFilterSnoopIPLease *next;
@@ -415,7 +415,8 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIPLease *ipl,
* virNWFilterSnoopIPLeaseUpdate - update the timeout on an IP lease
*/
static void
-virNWFilterSnoopIPLeaseUpdate(virNWFilterSnoopIPLease *ipl, time_t timeout)
+virNWFilterSnoopIPLeaseUpdate(virNWFilterSnoopIPLease *ipl,
+ unsigned long long timeout)
{
if (timeout < ipl->timeout)
return; /* no take-backs */
@@ -447,7 +448,7 @@ virNWFilterSnoopIPLeaseGetByIP(virNWFilterSnoopIPLease *start,
static unsigned int
virNWFilterSnoopReqLeaseTimerRun(virNWFilterSnoopReq *req)
{
- time_t now = time(0);
+ unsigned long long now = time(0);
bool is_last = false;
/* protect req->start */
@@ -1580,7 +1581,8 @@ virNWFilterSnoopLeaseFileWrite(int lfd, const char *ifkey,
return -1;
/* time intf ip dhcpserver */
- lbuf = g_strdup_printf("%u %s %s %s\n", ipl->timeout, ifkey, ipstr, dhcpstr);
+ lbuf = g_strdup_printf("%llu %s %s %s\n",
+ ipl->timeout, ifkey, ipstr, dhcpstr);
len = strlen(lbuf);
if (safewrite(lfd, lbuf, len) != len) {
@@ -1737,7 +1739,7 @@ virNWFilterSnoopLeaseFileLoad(void)
}
ln++;
/* key len 54 = "VMUUID"+'-'+"MAC" */
- if (sscanf(line, "%u %54s %15s %15s", &ipl.timeout,
+ if (sscanf(line, "%llu %54s %15s %15s", &ipl.timeout,
ifkey, ipstr, srvstr) < 4) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("virNWFilterSnoopLeaseFileLoad lease file "
--
2.37.2
More information about the libvir-list
mailing list