fix(agent): prevent shift-left overflow in EpcNetIpKey::clone_by_masklen #11679
mail2sudheerobbu-oss wants to merge 3 commits into deepflowio:main from
Fixes deepflowio#8700

When a CIDR with prefix length 0 (e.g. ::/0) is registered and an IPv6 lookup is performed, clone_by_masklen(0, false) computes:

    u128::MAX << IPV6_BITS.saturating_sub(0) = u128::MAX << 128

Shifting a u128 by its own bit-width (128) is undefined behaviour and panics in Rust debug builds with:

    panicked at src/policy/labeler.rs:72:27:
    attempt to shift left with overflow

The fix replaces the bare shift with checked_shl, which returns None when the shift amount equals or exceeds the bit-width, and falls back to 0. A mask of 0 is semantically correct for a /0 prefix (no network bits to preserve).

Before:

    self.ip & (u128::MAX << max_prefix.saturating_sub(masklen))

After:

    self.ip & u128::MAX
        .checked_shl(max_prefix.saturating_sub(masklen) as u32)
        .unwrap_or(0)

A regression test test_ipv6_zero_masklen_no_panic is added to cover the ::/0 case end-to-end through the labeler API.

Signed-off-by: Sudheer Obbu <mail2sudheerobbu@gmail.com>
Hi deepflow team — gentle ping on this PR! It fixes a potential shift-left overflow in
Hi team — gentle ping on this PR. It replaces a bare
Hi team — gentle ping on this PR! It adds a one-line guard to prevent a shift-left overflow panic in
Summary
Fixes #8700
Root Cause
When a CIDR with prefix length 0 (e.g. ::/0) is registered and an IPv6 lookup is performed, clone_by_masklen(0, false) computes:
Shifting a u128 by its own bit-width (128) is undefined behaviour in Rust and panics in debug builds with:
Fix
Replace the bare shift with checked_shl, which returns None when the shift amount equals or exceeds the bit-width, and falls back to 0. A mask of 0 is semantically correct for a /0 prefix (no network bits to preserve).
Before:
After:
Testing
A regression test test_ipv6_zero_masklen_no_panic is added that registers a ::/0 CIDR and performs a lookup — previously this panicked in debug builds, now it succeeds and returns the expected EPC ID.
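The mask arithmetic described in this PR, as an added stand-alone example (not the project's code or the PR's diff). The names `prefix_mask`, `prefix_mask_wrapping`, `network_of` and `IPV4_BITS` are hypothetical, and the addresses are constructed samples. It also shows what a masked shift (`wrapping_shl`) yields for the same /0 input: an all-ones mask rather than 0.

```rust
use std::net::Ipv6Addr;

// Hypothetical names for illustration; not DeepFlow's own code.
const IPV4_BITS: u32 = 32;
const IPV6_BITS: u32 = 128;

/// Mask that keeps the top `masklen` bits of a `max_prefix`-bit address held in a u128.
/// `checked_shl` returns None when the shift reaches the bit-width (IPv6 /0), so the
/// mask falls back to 0: a /0 prefix has no network bits to preserve.
fn prefix_mask(masklen: u32, max_prefix: u32) -> u128 {
    u128::MAX
        .checked_shl(max_prefix.saturating_sub(masklen))
        .unwrap_or(0)
}

/// Same computation with `wrapping_shl`, which reduces the shift amount modulo 128.
/// For IPv6 /0 the shift becomes 0 and the mask keeps every bit instead of none.
fn prefix_mask_wrapping(masklen: u32, max_prefix: u32) -> u128 {
    u128::MAX.wrapping_shl(max_prefix.saturating_sub(masklen))
}

/// Network part of `ip` for the given prefix length.
fn network_of(ip: u128, masklen: u32, max_prefix: u32) -> u128 {
    ip & prefix_mask(masklen, max_prefix)
}

fn main() {
    // Constructed sample addresses.
    let v6: u128 = "2001:db8::1".parse::<Ipv6Addr>().unwrap().into();
    let v4: u128 = 0xC0A8_0101; // 192.168.1.1

    for masklen in [0, 32, 64, 128] {
        let net = Ipv6Addr::from(network_of(v6, masklen, IPV6_BITS));
        println!("/{masklen:<3} -> {net}");
    }
    println!("IPv4 /0  -> {:#x}", network_of(v4, 0, IPV4_BITS));
    println!("IPv4 /24 -> {:#x}", network_of(v4, 24, IPV4_BITS));

    // The wrapping mask for ::/0 leaves the host address untouched.
    let wrapped = v6 & prefix_mask_wrapping(0, IPV6_BITS);
    println!("wrapping /0 -> {}", Ipv6Addr::from(wrapped));
}
```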