From owner-svn-src-all@freebsd.org Tue Nov 20 18:14:23 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 320311138C70; Tue, 20 Nov 2018 18:14:23 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: from mail-it1-f173.google.com (mail-it1-f173.google.com [209.85.166.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9722F7A412; Tue, 20 Nov 2018 18:14:22 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: by mail-it1-f173.google.com with SMTP id b5so4994644iti.2; Tue, 20 Nov 2018 10:14:22 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=49PuKrxNKVPxlxODeco04r+haK/WDb0DmdjzQmpMfgs=; b=swaadKdCQzAIDOpx2TyuuiM/KoS/H6CzNdtE8qj7rLSvrKKAJ1XevWu6cLfB5ekevc UmyO972pe0d79CgXQBGf6idtAG+xRes4KV1b5Eh/JkUpyN5fBg0mGuvrGwFmpqUJcIDM VP9TgIC/AEUrYTbqJEbZgUM1P1c4bjf4/L/618cCUktBvLAZewagJegn+UAvA30C0WQH qIOtTRDVqzPHU79DaAnpSSNCIhivxS6dTStIv9j0uSbAknokfRTJxEtwN/UG14ZCjnPP rhYUT9hfF98mJc/PMf4gJtKQkhTe7QAt+wEy6gFl6LzETjWAA+B2F6b8hHNJcvO+Qeb2 IL9g== X-Gm-Message-State: AGRZ1gJ3AA89V1rsloUUZwGaRaatmCl5AOvImXN/6f/Zljv/zpVovGXz jMEvTr/nwX8ZbPrWixorjG7GM2M4 X-Google-Smtp-Source: AFSGD/UmXfnnMRF2A2muvXiYBy/nBmBEVX2X8IHhG0PxXiGfKbmPj3DIkdm/Q0IOAd8xOcyX/L6FxA== X-Received: by 2002:a24:1947:: with SMTP id b68mr3105037itb.70.1542737655856; Tue, 20 Nov 2018 10:14:15 -0800 (PST) Received: from mail-it1-f178.google.com (mail-it1-f178.google.com. [209.85.166.178]) by smtp.gmail.com with ESMTPSA id y9sm8892887ioj.63.2018.11.20.10.14.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 20 Nov 2018 10:14:15 -0800 (PST) Received: by mail-it1-f178.google.com with SMTP id x19so4793284itl.1; Tue, 20 Nov 2018 10:14:15 -0800 (PST) X-Received: by 2002:a24:7296:: with SMTP id x144-v6mr2843898itc.166.1542737655262; Tue, 20 Nov 2018 10:14:15 -0800 (PST) MIME-Version: 1.0 References: <201811121120.wACBKxMt061432@repo.freebsd.org> In-Reply-To: <201811121120.wACBKxMt061432@repo.freebsd.org> Reply-To: cem@freebsd.org From: Conrad Meyer Date: Tue, 20 Nov 2018 10:14:04 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: svn commit: r340360 - in head: sbin/ipfw sys/netinet6 sys/netpfil/ipfw/nptv6 To: "Andrey V. Elsukov" Cc: src-committers , svn-src-all@freebsd.org, svn-src-head@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 9722F7A412 X-Spamd-Result: default: False [-3.99 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[cem@freebsd.org]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[freebsd.org]; TO_DN_SOME(0.00)[]; REPLYTO_ADDR_EQ_FROM(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.992,0]; RCVD_COUNT_THREE(0.00)[4]; IP_SCORE(-1.03)[ipnet: 209.85.128.0/17(-3.46), asn: 15169(-1.61), country: US(-0.09)]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.97)[-0.974,0]; RCVD_IN_DNSWL_NONE(0.00)[173.166.85.209.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_MEDIUM(-0.98)[-0.981,0]; FORGED_SENDER(0.30)[cem@freebsd.org,csecem@gmail.com]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; TAGGED_FROM(0.00)[]; FROM_NEQ_ENVFROM(0.00)[cem@freebsd.org,csecem@gmail.com] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 18:14:23 -0000 Hi Andrey, On Mon, Nov 12, 2018 at 3:21 AM Andrey V. Elsukov wrote: > > Author: ae > Date: Mon Nov 12 11:20:59 2018 > New Revision: 340360 > URL: https://svnweb.freebsd.org/changeset/base/340360 > > Log: > Add ability to use dynamic external prefix in ipfw_nptv6 module. > > ... > Modified: head/sbin/ipfw/nptv6.c > ============================================================================== > --- head/sbin/ipfw/nptv6.c Mon Nov 12 07:14:34 2018 (r340359) > +++ head/sbin/ipfw/nptv6.c Mon Nov 12 11:20:59 2018 (r340360) > ... > @@ -245,13 +261,14 @@ check_prefix: > if ((flags & NPTV6_HAS_INTPREFIX) != NPTV6_HAS_INTPREFIX) > errx(EX_USAGE, "int_prefix required"); > if ((flags & NPTV6_HAS_EXTPREFIX) != NPTV6_HAS_EXTPREFIX) > - errx(EX_USAGE, "ext_prefix required"); > + errx(EX_USAGE, "ext_prefix or ext_if required"); > if ((flags & NPTV6_HAS_PREFIXLEN) != NPTV6_HAS_PREFIXLEN) > errx(EX_USAGE, "prefixlen required"); > > n2mask(&mask, cfg->plen); > APPLY_MASK(&cfg->internal, &mask); > - APPLY_MASK(&cfg->external, &mask); > + if ((cfg->flags & NPTV6_DYNAMIC_PREFIX) == 0) > + APPLY_MASK(&cfg->external, &mask); Coverity points out that APPLY_MASK() is a macro composed of multiple statements, and only the first statement will be conditional on the if () expression. This means that effectively, the final three words of mask will be applied to cfg->external unconditionally. CID is 1396914. I would suggest using the do { } while (0) construct in the APPLY_MASK macro to fix the issue. Best, Conrad