From: Victor Julien <victor@inliniac.net>
Date: Tue, 14 Jul 2020 08:48:57 +0000 (+0200)
Subject: flow: fix unlikely issue with int handling
X-Git-Tag: suricata-6.0.0-beta1~150
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f2a3d6d8343abace41629459806d2a5aa0a1e069;p=thirdparty%2Fsuricata.git

flow: fix unlikely issue with int handling

Thanks for reporting this magenbluten PR 4575.
---

diff --git a/src/tmqh-flow.c b/src/tmqh-flow.c
index 4ddb4193db..a02c930f10 100644
--- a/src/tmqh-flow.c
+++ b/src/tmqh-flow.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2007-2013 Open Information Security Foundation
+/* Copyright (C) 2007-2020 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -220,8 +220,7 @@ void TmqhOutputFlowFreeCtx(void *ctx)
 
 void TmqhOutputFlowHash(ThreadVars *tv, Packet *p)
 {
-    int16_t qid = 0;
-
+    uint32_t qid;
     TmqhFlowCtx *ctx = (TmqhFlowCtx *)tv->outctx;
 
     if (p->flags & PKT_WANTS_FLOW) {
@@ -251,24 +250,19 @@ void TmqhOutputFlowHash(ThreadVars *tv, Packet *p)
  */
 void TmqhOutputFlowIPPair(ThreadVars *tv, Packet *p)
 {
-    int16_t qid = 0;
     uint32_t addr_hash = 0;
-    int i;
 
     TmqhFlowCtx *ctx = (TmqhFlowCtx *)tv->outctx;
 
     if (p->src.family == AF_INET6) {
-        for (i = 0; i < 4; i++) {
+        for (int i = 0; i < 4; i++) {
             addr_hash += p->src.addr_data32[i] + p->dst.addr_data32[i];
         }
     } else {
         addr_hash = p->src.addr_data32[0] + p->dst.addr_data32[0];
     }
 
-    /* we don't have to worry about possible overflow, since
-     * ctx->size will be lesser than 2 ** 31 for sure */
-    qid = addr_hash % ctx->size;
-
+    uint32_t qid = addr_hash % ctx->size;
     PacketQueue *q = ctx->queues[qid].q;
     SCMutexLock(&q->mutex_q);
     PacketEnqueue(q, p);