gerrit.fd Code Review - vpp.git/commit

author	Jing Peng <pj.hades@gmail.com>
	Tue, 31 May 2022 15:20:31 +0000 (11:20 -0400)
committer	Matthew Smith <mgsmith@netgate.com>
	Tue, 16 Aug 2022 19:32:14 +0000 (19:32 +0000)
commit	5c9f9968de63fa627b4a72b344df36cdc686d18a
tree	3e191980cbe4e3d4f7da3f01709947b81bf5171d	tree \| snapshot
parent	b5339c64d1100463058d1719ea23e0af353ce697	commit \| diff

nat: fix potential out-of-bound worker array index

In several NAT submodules, the number of available ports (0xffff - 1024)
may not be divisible by the number of workers, so port_per_thread is
determined by integer division, which is the floor of the quotient.
Later when a worker index is needed, dividing the port with port_per_thread
may yield an out-of-bound array index into the workers array.

As an example, assume 2 workers are configured, then port_per_thread
will be (0xffff - 1024) / 2, which is 32255. When we compute a worker
index with port 0xffff, we get (0xffff - 1024) / 32255, which is 2,
but since we only have 2 workers, only 0 and 1 are valid indices.

This patch fixes the problem by adding a modulo at the end of the division.

Type: fix
Signed-off-by: Jing Peng <pj.hades@gmail.com>
Change-Id: Ieae3d5faf716410422610484a68222f1c957f3f8

src/plugins/nat/nat44-ed/nat44_ed.c		diff \| blob \| history
src/plugins/nat/nat44-ei/nat44_ei.c		diff \| blob \| history
src/plugins/nat/nat64/nat64.c		diff \| blob \| history