diff options
author | Jon Atack <jon@atack.com> | 2021-04-14 17:10:28 +0200 |
---|---|---|
committer | Jon Atack <jon@atack.com> | 2021-04-18 16:32:28 +0200 |
commit | 36fb036d25e2a3016b36873456e5a9e6251ffef8 (patch) | |
tree | bacfb98e3b05210ae2beebe091c14c12274ee7ba | |
parent | 4e0d5788ba5771c81bc0ff2e6523cf9accddae46 (diff) |
p2p: allow NetPermissions::ClearFlag() only with PF_ISIMPLICIT
NetPermissions::ClearFlag() is currently only called in the codebase with
an `f` value of NetPermissionFlags::PF_ISIMPLICIT.
If that should change in the future, ClearFlag() should not be called
with `f` being a subflag of a multiflag, e.g. NetPermissionFlags::PF_RELAY
or NetPermissionFlags::PF_DOWNLOAD, as that would leave `flags` in an
invalid state corresponding to none of the existing NetPermissionFlags.
Therefore, allow only calling ClearFlag with the implicit flag for now.
Co-authored-by: Vasil Dimov <vd@FreeBSD.org>
-rw-r--r-- | src/net_permissions.h | 6 | ||||
-rw-r--r-- | src/test/fuzz/net_permissions.cpp | 4 |
2 files changed, 8 insertions, 2 deletions
diff --git a/src/net_permissions.h b/src/net_permissions.h index bba0ea1695..142b317bf6 100644 --- a/src/net_permissions.h +++ b/src/net_permissions.h @@ -51,8 +51,14 @@ public: { flags = static_cast<NetPermissionFlags>(flags | f); } + //! ClearFlag is only called with `f` == NetPermissionFlags::PF_ISIMPLICIT. + //! If that should change in the future, be aware that ClearFlag should not + //! be called with a subflag of a multiflag, e.g. NetPermissionFlags::PF_RELAY + //! or NetPermissionFlags::PF_DOWNLOAD, as that would leave `flags` in an + //! invalid state corresponding to none of the existing flags. static inline void ClearFlag(NetPermissionFlags& flags, NetPermissionFlags f) { + assert(f == NetPermissionFlags::PF_ISIMPLICIT); flags = static_cast<NetPermissionFlags>(flags & ~f); } }; diff --git a/src/test/fuzz/net_permissions.cpp b/src/test/fuzz/net_permissions.cpp index 544a33047b..6fdf4b653c 100644 --- a/src/test/fuzz/net_permissions.cpp +++ b/src/test/fuzz/net_permissions.cpp @@ -25,7 +25,7 @@ FUZZ_TARGET(net_permissions) (void)NetPermissions::ToStrings(net_whitebind_permissions.m_flags); (void)NetPermissions::AddFlag(net_whitebind_permissions.m_flags, net_permission_flags); assert(NetPermissions::HasFlag(net_whitebind_permissions.m_flags, net_permission_flags)); - (void)NetPermissions::ClearFlag(net_whitebind_permissions.m_flags, net_permission_flags); + (void)NetPermissions::ClearFlag(net_whitebind_permissions.m_flags, NetPermissionFlags::PF_ISIMPLICIT); (void)NetPermissions::ToStrings(net_whitebind_permissions.m_flags); } @@ -35,7 +35,7 @@ FUZZ_TARGET(net_permissions) (void)NetPermissions::ToStrings(net_whitelist_permissions.m_flags); (void)NetPermissions::AddFlag(net_whitelist_permissions.m_flags, net_permission_flags); assert(NetPermissions::HasFlag(net_whitelist_permissions.m_flags, net_permission_flags)); - (void)NetPermissions::ClearFlag(net_whitelist_permissions.m_flags, net_permission_flags); + (void)NetPermissions::ClearFlag(net_whitelist_permissions.m_flags, NetPermissionFlags::PF_ISIMPLICIT); (void)NetPermissions::ToStrings(net_whitelist_permissions.m_flags); } } |