MINOR: quic: Potential overflow expression in qc_parse_frm()
This should fix Coverity CID 375056 where an unsigned char was used
to store a 32bit mask.
diff --git a/src/quic_frame.c b/src/quic_frame.c
index cd607ac..721b5e0 100644
--- a/src/quic_frame.c
+++ b/src/quic_frame.c
@@ -1000,8 +1000,8 @@
struct quic_frame_builder {
int (*func)(unsigned char **buf, const unsigned char *end,
struct quic_frame *frm, struct quic_conn *conn);
+ uint32_t mask;
unsigned char flags;
- unsigned char mask;
};
const struct quic_frame_builder quic_frame_builders[] = {
@@ -1041,8 +1041,8 @@
struct quic_frame_parser {
int (*func)(struct quic_frame *frm, struct quic_conn *qc,
const unsigned char **buf, const unsigned char *end);
+ uint32_t mask;
unsigned char flags;
- unsigned char mask;
};
const struct quic_frame_parser quic_frame_parsers[] = {
@@ -1100,7 +1100,7 @@
}
parser = &quic_frame_parsers[frm->type];
- if (!(parser->mask & (1 << pkt->type))) {
+ if (!(parser->mask & (1U << pkt->type))) {
TRACE_DEVEL("unauthorized frame", QUIC_EV_CONN_PRSFRM, qc, frm);
return 0;
}
@@ -1126,10 +1126,10 @@
const struct quic_frame_builder *builder;
builder = &quic_frame_builders[frm->type];
- if (!(builder->mask & (1 << pkt->type))) {
+ if (!(builder->mask & (1U << pkt->type))) {
/* XXX This it a bug to send an unauthorized frame with such a packet type XXX */
TRACE_DEVEL("frame skipped", QUIC_EV_CONN_BFRM, qc, frm);
- BUG_ON(!(builder->mask & (1 << pkt->type)));
+ BUG_ON(!(builder->mask & (1U << pkt->type)));
}
if (end <= *buf) {