summaryrefslogtreecommitdiffstats
path: root/plugins/acl-plugin
diff options
context:
space:
mode:
authorAndrew Yourtchenko <ayourtch@gmail.com>2016-12-07 12:20:07 +0000
committerAndrew Yourtchenko <ayourtch@gmail.com>2016-12-07 12:20:07 +0000
commitcd06b728920e7119582de4d9a09ac71034706b2a (patch)
treecdf2122db4bdd5510b3a337560bd5bfd4f2d6316 /plugins/acl-plugin
parent288e8930ee7f1cf4980c06c167ef4e0cdf559528 (diff)
Fix coverity CIDs 157344, 157343, 157341, 157340, 157339, 157336
The macros used to verify the validity of sw_if_index passed in the API calls have puzzled coverity. Even though the issues are false positives, the checks are rather simple, so edited them to avoid using the preprocessor macros, it makes the code easier to follow. Added the null check for 157336. Change-Id: I24651346851215b236e53e682261e1f91219b381 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Diffstat (limited to 'plugins/acl-plugin')
-rw-r--r--plugins/acl-plugin/acl/acl.c73
-rw-r--r--plugins/acl-plugin/acl/l2sess_node.c3
2 files changed, 30 insertions, 46 deletions
diff --git a/plugins/acl-plugin/acl/acl.c b/plugins/acl-plugin/acl/acl.c
index 6b7f637b1d3..50eca8802c9 100644
--- a/plugins/acl-plugin/acl/acl.c
+++ b/plugins/acl-plugin/acl/acl.c
@@ -109,23 +109,6 @@ do { \
vl_msg_api_send_shmem (q, (u8 *)&rmp); \
} while(0);
-#define VALIDATE_SW_IF_INDEX(mp) \
- do { u32 __sw_if_index = ntohl(mp->sw_if_index); \
- vnet_main_t *__vnm = vnet_get_main(); \
- if (pool_is_free_index(__vnm->interface_main.sw_interfaces, \
- __sw_if_index)) { \
- rv = VNET_API_ERROR_INVALID_SW_IF_INDEX; \
- goto bad_sw_if_index; \
- } \
-} while(0);
-
-#define BAD_SW_IF_INDEX_LABEL \
-do { \
-bad_sw_if_index: \
- ; \
-} while (0);
-
-
/* List of message types that this plugin understands */
@@ -1377,16 +1360,18 @@ static void
vl_api_acl_interface_add_del_t_handler (vl_api_acl_interface_add_del_t * mp)
{
acl_main_t *sm = &acl_main;
+ vnet_interface_main_t *im = &sm->vnet_main->interface_main;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
vl_api_acl_interface_add_del_reply_t *rmp;
int rv = -1;
- VALIDATE_SW_IF_INDEX (mp);
- rv =
- acl_interface_add_del_inout_acl (ntohl (mp->sw_if_index), mp->is_add,
+ if (pool_is_free_index(im->sw_interfaces, sw_if_index))
+ rv = VNET_API_ERROR_INVALID_SW_IF_INDEX;
+ else
+ rv =
+ acl_interface_add_del_inout_acl (sw_if_index, mp->is_add,
mp->is_input, ntohl (mp->acl_index));
- BAD_SW_IF_INDEX_LABEL;
-
REPLY_MACRO (VL_API_ACL_INTERFACE_ADD_DEL_REPLY);
}
@@ -1398,20 +1383,23 @@ vl_api_acl_interface_set_acl_list_t_handler
vl_api_acl_interface_set_acl_list_reply_t *rmp;
int rv = 0;
int i;
- VALIDATE_SW_IF_INDEX (mp);
+ vnet_interface_main_t *im = &sm->vnet_main->interface_main;
u32 sw_if_index = ntohl (mp->sw_if_index);
- acl_interface_reset_inout_acls (sw_if_index, 0);
- acl_interface_reset_inout_acls (sw_if_index, 1);
-
- for (i = 0; i < mp->count; i++)
+ if (pool_is_free_index(im->sw_interfaces, sw_if_index))
+ rv = VNET_API_ERROR_INVALID_SW_IF_INDEX;
+ else
{
- acl_interface_add_del_inout_acl (sw_if_index, 1, (i < mp->n_input),
+ acl_interface_reset_inout_acls (sw_if_index, 0);
+ acl_interface_reset_inout_acls (sw_if_index, 1);
+
+ for (i = 0; i < mp->count; i++)
+ {
+ acl_interface_add_del_inout_acl (sw_if_index, 1, (i < mp->n_input),
ntohl (mp->acls[i]));
+ }
}
- BAD_SW_IF_INDEX_LABEL;
-
REPLY_MACRO (VL_API_ACL_INTERFACE_SET_ACL_LIST_REPLY);
}
@@ -1567,7 +1555,6 @@ vl_api_acl_interface_list_dump_t_handler (vl_api_acl_interface_list_dump_t *
vnet_sw_interface_t *swif;
vnet_interface_main_t *im = &am->vnet_main->interface_main;
- int rv = -1;
u32 sw_if_index;
unix_shared_memory_queue_t *q;
@@ -1588,17 +1575,9 @@ vl_api_acl_interface_list_dump_t_handler (vl_api_acl_interface_list_dump_t *
}
else
{
- VALIDATE_SW_IF_INDEX (mp);
sw_if_index = ntohl (mp->sw_if_index);
- send_acl_interface_list_details (am, q, sw_if_index, mp->context);
- }
- return;
-
- BAD_SW_IF_INDEX_LABEL;
- if (rv == -1)
- {
- /* FIXME API: should we signal an error here at all ? */
- return;
+ if (!pool_is_free_index(im->sw_interfaces, sw_if_index))
+ send_acl_interface_list_details (am, q, sw_if_index, mp->context);
}
}
@@ -1642,14 +1621,16 @@ vl_api_macip_acl_interface_add_del_t_handler
acl_main_t *sm = &acl_main;
vl_api_macip_acl_interface_add_del_reply_t *rmp;
int rv = -1;
- VALIDATE_SW_IF_INDEX (mp);
+ vnet_interface_main_t *im = &sm->vnet_main->interface_main;
+ u32 sw_if_index = ntohl (mp->sw_if_index);
- rv =
- macip_acl_interface_add_del_acl (ntohl (mp->sw_if_index), mp->is_add,
+ if (pool_is_free_index(im->sw_interfaces, sw_if_index))
+ rv = VNET_API_ERROR_INVALID_SW_IF_INDEX;
+ else
+ rv =
+ macip_acl_interface_add_del_acl (ntohl (mp->sw_if_index), mp->is_add,
ntohl (mp->acl_index));
- BAD_SW_IF_INDEX_LABEL;
-
REPLY_MACRO (VL_API_MACIP_ACL_INTERFACE_ADD_DEL_REPLY);
}
diff --git a/plugins/acl-plugin/acl/l2sess_node.c b/plugins/acl-plugin/acl/l2sess_node.c
index 3e735f470e7..d83029ea055 100644
--- a/plugins/acl-plugin/acl/l2sess_node.c
+++ b/plugins/acl-plugin/acl/l2sess_node.c
@@ -486,6 +486,9 @@ check_idle_sessions (l2sess_main_t * sm, u32 sw_if_index, u64 now)
#endif
sm->timer_wheel_next_expiring_time = now + sm->timer_wheel_tick;
+ if (PREDICT_FALSE ( 0 == sm->data_from_advancing_timing_wheel )) {
+ return;
+ }
if (PREDICT_FALSE (_vec_len (sm->data_from_advancing_timing_wheel) > 0))
{