It has been assured that both first and second int from ftp command are not bigger than 255, so their combination(first int << 8 +second int) must not bigger than 65535
Co-authored-by: Wang Li <wangl...@baidu.com> Signed-off-by: Wang Li <wangl...@baidu.com> Signed-off-by: Li RongQing <lirongq...@baidu.com> Cc: Darrell Ball <dlu...@gmail.com> --- lib/conntrack.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/lib/conntrack.c b/lib/conntrack.c index 6b46d0ca3..315a19e9e 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -2997,12 +2997,7 @@ process_ftp_ctl_v4(struct conntrack *ct, return CT_FTP_CTL_INVALID; } - uint16_t port_lo_hs = value; - if (65535 - port_hs < port_lo_hs) { - return CT_FTP_CTL_INVALID; - } - - port_hs |= port_lo_hs; + port_hs |= value; ovs_be16 port = htons(port_hs); ovs_be32 conn_ipv4_addr; -- 2.16.2 _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev