Visa Hankala <v...@hankala.org> wrote:
> Use three-way comparison for address elements to avoid integer
> wraparound in the result of xfrm_policy_addr_delta().
>
> This ensures that the search trees are built and traversed correctly
> when the difference between compared address elements is larger
> than INT_MAX.
Please provide an update to tools/testing/selftests/net/xfrm_policy.sh
that shows that this is a problem.
> switch (family) {
> case AF_INET:
> - if (sizeof(long) == 4 && prefixlen == 0)
> - return ntohl(a->a4) - ntohl(b->a4);
> - return (ntohl(a->a4) & ((~0UL << (32 - prefixlen)))) -
> - (ntohl(b->a4) & ((~0UL << (32 - prefixlen))));
> + mask = ~0U << (32 - prefixlen);
> + ma = ntohl(a->a4) & mask;
> + mb = ntohl(b->a4) & mask;
This is suspicious. Is prefixlen == 0 impossible?
If not, then after patch
mask = ~0U << 32;
... and function returns 0.
