On Tue, Apr 20, 2010 at 05:14:05PM -0700, Guy Harris wrote:
> In bpf_validate, when it checks whether the divisor in a BPF_DIV instruction
> is a constant 0, it does
>
> 	case BPF_DIV:
> 		/*
> 		 * Check for constant division by 0.
> 		 */
> 		if (BPF_RVAL(p->code) == BPF_K && p->k == 0)
> 			return 0;
> 		break;
>
> BPF_RVAL() is the macro to get the return value of a RET instruction; it
> extracts the 0x18 bits. The BPF_DIV opcode is 0x30, which has the 0x10 bit
> set; a BPF_DIV instruction with a constant 0 as the divisor would be
> BPF_DIV|BPF_K, which is 0x30; BPF_RVAL(p->code) would be 0x10, which isn't
> equal to BPF_K, which is 0x00.
>
> The macro to get the source argument of an arithmetic instruction is
> BPF_SRC(), which extracts only the 0x08 bit; BPF_SRC(p->code) would be 0x00,
> which is equal to BPF_K, so it should be doing
>
> 	case BPF_DIV:
> 		/*
> 		 * Check for constant division by 0.
> 		 */
> 		if (BPF_SRC(p->code) == BPF_K && p->k == 0)
> 			return 0;
> 		break;
Indeed, thanks.
-Otto
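
The mask mismatch discussed in this thread, as an added example that is not part of the original messages or of the bpf_validate source: it runs the division check with both masks over two constructed programs. The opcode constants follow the classic bpf.h values; `struct insn`, `validate_div` and the sample arrays are hypothetical names used only here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Opcode fields with the classic bpf.h values, defined locally. */
#define BPF_CLASS(code) ((code) & 0x07)
#define BPF_ALU         0x04
#define BPF_RET         0x06
#define BPF_OP(code)    ((code) & 0xf0)
#define BPF_DIV         0x30
#define BPF_SRC(code)   ((code) & 0x08)   /* ALU operand source: K or X */
#define BPF_RVAL(code)  ((code) & 0x18)   /* RET value source */
#define BPF_K           0x00
#define BPF_X           0x08

/* Hypothetical reduced instruction: only the fields the check reads. */
struct insn { uint16_t code; uint32_t k; };

/* Returns 0 if a constant division by zero is detected, 1 otherwise.
 * use_src_mask == 0 reproduces the BPF_RVAL() test quoted above;
 * use_src_mask == 1 uses BPF_SRC() as proposed in the message. */
static int validate_div(const struct insn *p, size_t len, int use_src_mask)
{
    for (size_t i = 0; i < len; i++, p++) {
        if (BPF_CLASS(p->code) != BPF_ALU || BPF_OP(p->code) != BPF_DIV)
            continue;
        int src = use_src_mask ? BPF_SRC(p->code) : BPF_RVAL(p->code);
        if (src == BPF_K && p->k == 0)
            return 0;
    }
    return 1;
}

/* Constructed sample programs. */
static const struct insn div_by_const_zero[] = {
    { BPF_ALU | BPF_DIV | BPF_K, 0 },   /* A /= 0, constant divisor */
    { BPF_RET | BPF_K, 0 },
};
static const struct insn div_by_x[] = {
    { BPF_ALU | BPF_DIV | BPF_X, 0 },   /* A /= X, k is unused */
    { BPF_RET | BPF_K, 0 },
};

int main(void)
{
    printf("div by K=0: RVAL mask -> %d, SRC mask -> %d\n",
           validate_div(div_by_const_zero, 2, 0), validate_div(div_by_const_zero, 2, 1));
    printf("div by X:   RVAL mask -> %d, SRC mask -> %d\n",
           validate_div(div_by_x, 2, 0), validate_div(div_by_x, 2, 1));
    return 0;
}
```

With the 0x18 mask the 0x10 bit of BPF_DIV always leaks into the comparison, so the check can never match any BPF_DIV instruction, not just this one.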