Fixed 'always false' expressions

[lunixoid]

I'm a member of the Pinguem.ru competition on finding errors in open source projects. Errors, found using PVS-Studio:
netsniff-ng/proto_icmpv6.c 667 err V547 Expression 'len < 0' is always false.
netsniff-ng/proto_icmpv6.c 685 err V547 Expression 'len < 0' is always false.

[tklauser]

Thanks for your PR.

Why does PVS-Studio only complain about these two specific instances? There are other comparisons of len < 0 in the same function which also don't have the cast. Also, len is of type ssize_t, i.e. a signed type and the conversion shouldn't be necessary at all to compare for smaller than 0.

Could it be that the error is due to the check of len == sizeof(struct icmpv6_neighb_disc_ops_type_17_1) before making sure than the subtraction will not underflow? In that case we could just omit the checks instead of silencing the errors through the weird cast.

[lunixoid]

About ssize_t, agree, I did not pay attention and read size_t
But, in this file only these two issues for len, full report

/home/lunix0x/pinguem_conquest/orig/netsniff-ng/pkt_buff.h 58 err V595 The 'pkt' pointer was utilized before it was verified again
st nullptr. Check lines: 58, 61.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/pkt_buff.h 79 err V595 The 'pkt' pointer was utilized before it was verified again
st nullptr. Check lines: 79, 83.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_icmpv6.c 667 err V547 Expression 'len < 0' is always false.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_icmpv6.c 685 err V547 Expression 'len < 0' is always false.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_igmp.c 539 warn V560 A part of conditional expression is always false: version > 3.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_ip_authentication_hdr.c 81 warn V560 A part of conditional expression is always
false: hdr_len < 0.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_ipv6_dest_opts.c 57 warn V560 A part of conditional expression is always false: o
pt_len < 0.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_ipv6_dest_opts.c 88 warn V560 A part of conditional expression is always false: o
pt_len < 0.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_ipv6_hop_by_hop.c 56 warn V560 A part of conditional expression is always false: o
pt_len < 0.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_ipv6_hop_by_hop.c 87 warn V560 A part of conditional expression is always false: o
pt_len < 0.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_ipv6_routing.c 96 warn V560 A part of conditional expression is always false: d
ata_len < 0.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/proto_ipv6_routing.c 138 warn V560 A part of conditional expression is always false: d
ata_len < 0.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/dev.c 121 err V512 A call of the 'memcpy' function will lead to underflow of the buffe
r 'ss'.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/pcap_sg.c 36 warn V512 A call of the '__builtin_memcpy' function will lead to the
'& phdr->raw' buffer becoming out of range.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/pcap_mm.c 59 warn V512 A call of the '__builtin_memcpy' function will lead to the
'& phdr->raw' buffer becoming out of range.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/ring_tx.h 33 err V575 The null pointer is passed into 'sendto' function. Inspect
the second argument.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/ring_tx.h 33 err V575 The 'sendto' function processes '0' elements. Inspect the t
hird argument.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/ring_tx.h 38 err V575 The null pointer is passed into 'sendto' function. Inspect
the second argument.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/ring_tx.h 38 err V575 The 'sendto' function processes '0' elements. Inspect the t
hird argument.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/ring.c 75 warn V641 The size of the '& ring->s_ll' buffer is not a multiple of the element size of the type 'struct sockaddr'.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/netsniff-ng.c 209 warn V779 Unreachable code detected. It is possible that an error is present.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/netsniff-ng.c 396 warn V547 Expression 'ctx->rfraw' is always false.
/home/lunix0x/pinguem_conquest/orig/netsniff-ng/netsniff-ng.c 295 warn V779 Unreachable code detected. It is possible that an error is present.

I'm not trying to deliberately hide errors from you.

[tklauser]

Thanks for providing the full report.

In that case I really think the check for len < 0 is unnecessary, because of the check for len == sizeof(struct icmpv6_neighb_disc_ops_type_17_1) and len == sizeof(struct icmpv6_neighb_disc_ops_type_17_2) before. We then extract exactly that size and len will always be 0.

Care to send another PR removing these checks? Also, please feel free to submit patches for the other issues.

[lunixoid]

Can i do this little bit later?
Btw, I didn't use this PR for the competition until you checked it out.

[tklauser]

Sure. Feel free to submit whenever you like... Thank you!

[lunixoid]

My mac made the auto-correction of the commit message >.<
In any case, i was removed these comparisons.

[tklauser]

Thanks.

Could you please squash your commits and correct the commit message (e.g. using git commit --amend)? Also, the commit message should be prefixed with something like `dissectors:' (since it touches a protocol dissector. And your commit message should contain a Signed-off-by line, as mentioned in SubmittingPatches. Please see the existing git log for how a commit message should be formatted.