Build with -Wstrict-overflow=5 and fix revealed warnings.

Some of these are actual bugs, but none are security-sensitive.
This commit is contained in:
Nicholas J. Kain 2022-08-10 11:32:30 -04:00
parent 9338aa37c2
commit 6c44f536ad
6 changed files with 361 additions and 343 deletions

View File

@ -3,7 +3,7 @@ NDHC_OBJS = $(NDHC_SRCS:.c=.o)
NDHC_DEP = $(NDHC_SRCS:.c=.d) NDHC_DEP = $(NDHC_SRCS:.c=.d)
INCL = -I. INCL = -I.
CFLAGS = -MMD -O2 -s -std=gnu99 -pedantic -Wall -Wextra -Wimplicit-fallthrough=0 -Wformat=2 -Wformat-nonliteral -Wformat-security -Wshadow -Wpointer-arith -Wmissing-prototypes -Wunused-const-variable=0 -Wcast-qual -Wsign-conversion -D_GNU_SOURCE -Wno-discarded-qualifiers CFLAGS = -MMD -O2 -s -std=gnu99 -pedantic -Wall -Wextra -Wimplicit-fallthrough=0 -Wformat=2 -Wformat-nonliteral -Wformat-security -Wshadow -Wpointer-arith -Wmissing-prototypes -Wunused-const-variable=0 -Wcast-qual -Wsign-conversion -D_GNU_SOURCE -Wno-discarded-qualifiers -Wstrict-overflow=5
CPPFLAGS += $(INCL) CPPFLAGS += $(INCL)
all: ragel ndhc all: ragel ndhc

16
arp.c
View File

@ -27,10 +27,10 @@
#define ARP_MAX_TRIES 3 #define ARP_MAX_TRIES 3
// From RFC5227 // From RFC5227
int arp_probe_wait = 1000; // initial random delay (ms) unsigned arp_probe_wait = 1000; // initial random delay (ms)
int arp_probe_num = 3; // number of probe packets unsigned arp_probe_num = 3; // number of probe packets
int arp_probe_min = 1000; // minimum delay until repeated probe (ms) unsigned arp_probe_min = 1000; // minimum delay until repeated probe (ms)
int arp_probe_max = 2000; // maximum delay until repeated probe (ms) unsigned arp_probe_max = 2000; // maximum delay until repeated probe (ms)
#define ANNOUNCE_WAIT 2000 // delay before announcing #define ANNOUNCE_WAIT 2000 // delay before announcing
#define ANNOUNCE_NUM 2 // number of Announcement packets #define ANNOUNCE_NUM 2 // number of Announcement packets
#define ANNOUNCE_INTERVAL 2000 // time between Announcement packets #define ANNOUNCE_INTERVAL 2000 // time between Announcement packets
@ -368,12 +368,12 @@ static int arp_is_query_reply(struct arpMsg *am)
return 1; return 1;
} }
static int arp_gen_probe_wait(struct client_state_t *cs) static unsigned arp_gen_probe_wait(struct client_state_t *cs)
{ {
int range = arp_probe_max - arp_probe_min; unsigned range = arp_probe_max - arp_probe_min;
if (range < 1000) range = 1000; if (range < 1000) range = 1000;
// This is not a uniform distribution but it doesn't matter here. // This is not a uniform distribution but it doesn't matter here.
return arp_probe_min + (int)(nk_random_u32(&cs->rnd_state) % (unsigned)range); return arp_probe_min + nk_random_u32(&cs->rnd_state) % range;
} }
int arp_defense_timeout(struct client_state_t *cs, long long nowts) int arp_defense_timeout(struct client_state_t *cs, long long nowts)
@ -477,7 +477,7 @@ int arp_gw_query_timeout(struct client_state_t *cs, long long nowts)
int arp_collision_timeout(struct client_state_t *cs, long long nowts) int arp_collision_timeout(struct client_state_t *cs, long long nowts)
{ {
if (nowts >= garp.arp_check_start_ts + ANNOUNCE_WAIT || if (nowts - garp.arp_check_start_ts >= ANNOUNCE_WAIT ||
garp.send_stats[ASEND_COLLISION_CHECK].count >= arp_probe_num) garp.send_stats[ASEND_COLLISION_CHECK].count >= arp_probe_num)
{ {
char clibuf[INET_ADDRSTRLEN]; char clibuf[INET_ADDRSTRLEN];

12
arp.h
View File

@ -28,10 +28,10 @@ struct arpMsg {
uint8_t pad[18]; // 2a pad for min. ethernet payload (60 bytes) uint8_t pad[18]; // 2a pad for min. ethernet payload (60 bytes)
}; };
extern int arp_probe_wait; extern unsigned arp_probe_wait;
extern int arp_probe_num; extern unsigned arp_probe_num;
extern int arp_probe_min; extern unsigned arp_probe_min;
extern int arp_probe_max; extern unsigned arp_probe_max;
typedef enum { typedef enum {
AS_NONE = 0, // Nothing to react to wrt ARP AS_NONE = 0, // Nothing to react to wrt ARP
@ -55,7 +55,7 @@ typedef enum {
struct arp_stats { struct arp_stats {
long long ts; long long ts;
int count; unsigned count;
}; };
struct arp_data { struct arp_data {
@ -68,7 +68,7 @@ struct arp_data {
// AS_COLLISION_CHECK state. // AS_COLLISION_CHECK state.
unsigned int total_conflicts; // Total number of address conflicts on unsigned int total_conflicts; // Total number of address conflicts on
// the interface. Never decreases. // the interface. Never decreases.
int gw_check_initpings; // Initial count of ASEND_GW_PING when unsigned gw_check_initpings; // Initial count of ASEND_GW_PING when
// AS_GW_CHECK was entered. // AS_GW_CHECK was entered.
uint16_t probe_wait_time; // Time to wait for a COLLISION_CHECK reply uint16_t probe_wait_time; // Time to wait for a COLLISION_CHECK reply
// (in ms?). // (in ms?).

600
cfg.c

File diff suppressed because it is too large Load Diff

14
cfg.rl
View File

@ -108,15 +108,17 @@ struct cfgparse {
action arp_probe_wait { action arp_probe_wait {
int t = atoi(ccfg.buf); int t = atoi(ccfg.buf);
if (t >= 0) if (t >= 0)
arp_probe_wait = t; arp_probe_wait = (unsigned)t;
} }
action arp_probe_num { action arp_probe_num {
int t = atoi(ccfg.buf); int t = atoi(ccfg.buf);
if (t >= 0) if (t >= 0)
arp_probe_num = t; arp_probe_num = (unsigned)t;
} }
action arp_probe_min { action arp_probe_min {
int t = atoi(ccfg.buf); int ti = atoi(ccfg.buf);
if (ti >= 0) {
unsigned t = (unsigned)ti;
arp_probe_min = t; arp_probe_min = t;
if (arp_probe_min > arp_probe_max) { if (arp_probe_min > arp_probe_max) {
t = arp_probe_max; t = arp_probe_max;
@ -124,8 +126,11 @@ struct cfgparse {
arp_probe_min = t; arp_probe_min = t;
} }
} }
}
action arp_probe_max { action arp_probe_max {
int t = atoi(ccfg.buf); int ti = atoi(ccfg.buf);
if (ti >= 0) {
unsigned t = (unsigned)ti;
arp_probe_max = t; arp_probe_max = t;
if (arp_probe_min > arp_probe_max) { if (arp_probe_min > arp_probe_max) {
t = arp_probe_max; t = arp_probe_max;
@ -133,6 +138,7 @@ struct cfgparse {
arp_probe_min = t; arp_probe_min = t;
} }
} }
}
action gw_metric { action gw_metric {
char *q; char *q;
long mt = strtol(ccfg.buf, &q, 10); long mt = strtol(ccfg.buf, &q, 10);

View File

@ -9,9 +9,9 @@
#include "options.h" #include "options.h"
static int do_overload_value(const uint8_t *buf, ssize_t blen, int overload) static int do_overload_value(const uint8_t *buf, size_t blen, int overload)
{ {
ssize_t i = 0; size_t i = 0;
while (i < blen) { while (i < blen) {
if (buf[i] == DCODE_PADDING) { if (buf[i] == DCODE_PADDING) {
++i; ++i;
@ -19,7 +19,7 @@ static int do_overload_value(const uint8_t *buf, ssize_t blen, int overload)
} }
if (buf[i] == DCODE_END) if (buf[i] == DCODE_END)
break; break;
if (i >= blen - 2) if (i + 2 >= blen)
break; break;
if (buf[i] == DCODE_OVERLOAD) { if (buf[i] == DCODE_OVERLOAD) {
if (buf[i+1] == 1) { if (buf[i+1] == 1) {