From: James Jones <jejones3141@gmail.com>
Date: Thu, 8 Aug 2024 21:15:05 +0000 (-0500)
Subject: Add Coverity-only check to avoid false positive overflow (CID 1604621)
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=44dbade346eb721af45a88e07bcb56e43c77af18;p=thirdparty%2Ffreeradius-server.git

Add Coverity-only check to avoid false positive overflow (CID 1604621)

Coverity doesn't know at this point that fr_high_bit_pos() will
necessarily return a value between 5 and 64, so that ret will
have a value in {1, 2, ..., 8}, NOT 2305843009213693952. We add
a check only coverity will see to convince it there is no overflow.
---

diff --git a/src/lib/util/nbo.h b/src/lib/util/nbo.h
index 717897c598a..f19bb2c0ade 100644
--- a/src/lib/util/nbo.h
+++ b/src/lib/util/nbo.h
@@ -121,6 +121,13 @@ static inline size_t fr_nbo_from_uint64v(uint8_t out[static sizeof(uint64_t)], u
 	uint8_t swapped[sizeof(uint64_t)];
 
 	ret = ROUND_UP_DIV((size_t)fr_high_bit_pos(num | 0x80), 8);
+#ifdef __COVERITY__
+	/*
+	 * 	Coverity doesn't realize that ret is necessarily <= 8,
+	 * 	so we give it a hint.
+	 */
+	if (ret > 8) return 0;
+#endif
 
 	fr_nbo_from_uint64(swapped, num);
 	memcpy(out, (swapped + (sizeof(uint64_t) - ret)), ret);	/* aligned */