Re: [PATCH net] dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()

From: Alexey Kodanev Date: Thu, 2 Aug 2018 19:22:05 +0300 > Make sure that the value of "(now - hc->tx_lsndtime) / hc->tx_rto" is > properly limited when shifting 'u32 cwnd' with it, otherwise we can get: ... > Fixes: 113ced1f52e5 ("dccp ccid-2: Perform congestion-window validation") > Signed-o

[PATCH net] dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()

Make sure that the value of "(now - hc->tx_lsndtime) / hc->tx_rto" is properly limited when shifting 'u32 cwnd' with it, otherwise we can get: [40850.963623] UBSAN: Undefined behaviour in net/dccp/ccids/ccid2.c:237:7 [40851.043858] shift exponent 67 is too large for 32-bit type 'unsigned int' [408