From: David Lamparter <equinox@opensourcerouting.org>
Date: Tue, 19 Sep 2023 19:03:24 +0000 (+0200)
Subject: lib: constrain hash table "tabshift" both ways
X-Git-Tag: base_9.1~61^2
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=refs%2Fpull%2F14443%2Fhead;p=mirror%2Ffrr.git

lib: constrain hash table "tabshift" both ways

The previous change to assume() did address the coverity warning about
one direction of the shift in HASH_KEY, let's constrain the other in
HASH_SIZE as well.

To be fair, the hash table *will* break at 1G entries, but at that point
we have other problems RAM-wise.  (Could bump the thing to 64-bit, but
then we need better item hash functions too on every single user.)

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
---

diff --git a/lib/typesafe.h b/lib/typesafe.h
index a84298b062..93258c5954 100644
--- a/lib/typesafe.h
+++ b/lib/typesafe.h
@@ -795,13 +795,16 @@ struct thash_head {
 	uint8_t minshift, maxshift;
 };
 
-#define _HASH_SIZE(tabshift) \
-	((1U << (tabshift)) >> 1)
+#define _HASH_SIZE(tabshift)                                                   \
+	({                                                                     \
+		assume((tabshift) <= 31);                                      \
+		(1U << (tabshift)) >> 1;                                       \
+	})
 #define HASH_SIZE(head) \
 	_HASH_SIZE((head).tabshift)
 #define _HASH_KEY(tabshift, val)                                               \
 	({                                                                     \
-		assume((tabshift) >= 2 && (tabshift) <= 33);                   \
+		assume((tabshift) >= 2 && (tabshift) <= 31);                   \
 		(val) >> (33 - (tabshift));                                    \
 	})
 #define HASH_KEY(head, val) \