[PATCH] netfilter: ip_tables: remove useless variable assignment in get

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] netfilter: ip_tables: remove useless variable assignment in get_info()
@ 2017-06-26 22:34 Gustavo A. R. Silva
  2017-06-27  2:46 ` Joe Perches
  0 siblings, 1 reply; 3+ messages in thread
From: Gustavo A. R. Silva @ 2017-06-26 22:34 UTC (permalink / raw)
  To: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal,
	David S. Miller, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy
  Cc: netfilter-devel, coreteam, netdev, linux-kernel,
	Gustavo A. R. Silva

Value assigned to variable _ret_ at line 970 is overwritten either at
line 986 or 988, before it can be used. This makes such variable
assignment useless.

Addresses-Coverity-ID: 1226932
Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com>
---
 net/ipv4/netfilter/ip_tables.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 2a55a40..648697c 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -967,7 +967,7 @@ static int get_info(struct net *net, void __user *user,
 		struct xt_table_info tmp;
 
 		if (compat) {
-			ret = compat_table_info(private, &tmp);
+			compat_table_info(private, &tmp);
 			xt_compat_flush_offsets(AF_INET);
 			private = &tmp;
 		}
-- 
2.5.0

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] netfilter: ip_tables: remove useless variable assignment in get_info()
  2017-06-26 22:34 [PATCH] netfilter: ip_tables: remove useless variable assignment in get_info() Gustavo A. R. Silva
@ 2017-06-27  2:46 ` Joe Perches
  2017-06-27  3:42   ` Gustavo A. R. Silva
  0 siblings, 1 reply; 3+ messages in thread
From: Joe Perches @ 2017-06-27  2:46 UTC (permalink / raw)
  To: Gustavo A. R. Silva, Pablo Neira Ayuso, Jozsef Kadlecsik,
	Florian Westphal, David S. Miller, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy
  Cc: netfilter-devel, coreteam, netdev, linux-kernel

On Mon, 2017-06-26 at 17:34 -0500, Gustavo A. R. Silva wrote:
> Value assigned to variable _ret_ at line 970 is overwritten either at
> line 986 or 988, before it can be used. This makes such variable
> assignment useless.
> 
> Addresses-Coverity-ID: 1226932
[]
> diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
[]
> @@ -967,7 +967,7 @@ static int get_info(struct net *net, void __user *user,
>  		struct xt_table_info tmp;
>  
>  		if (compat) {
> -			ret = compat_table_info(private, &tmp);
> +			compat_table_info(private, &tmp);

why isn't it more appropriate to test the return value?

>  			xt_compat_flush_offsets(AF_INET);
>  			private = &tmp;
>  		}

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] netfilter: ip_tables: remove useless variable assignment in get_info()
  2017-06-27  2:46 ` Joe Perches
@ 2017-06-27  3:42   ` Gustavo A. R. Silva
  0 siblings, 0 replies; 3+ messages in thread
From: Gustavo A. R. Silva @ 2017-06-27  3:42 UTC (permalink / raw)
  To: Joe Perches
  Cc: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal,
	David S. Miller, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy, netfilter-devel, coreteam,
	netdev, linux-kernel

Hi Joe,

Quoting Joe Perches <joe@perches.com>:

> On Mon, 2017-06-26 at 17:34 -0500, Gustavo A. R. Silva wrote:
>> Value assigned to variable _ret_ at line 970 is overwritten either at
>> line 986 or 988, before it can be used. This makes such variable
>> assignment useless.
>>
>> Addresses-Coverity-ID: 1226932
> []
>> diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
> []
>> @@ -967,7 +967,7 @@ static int get_info(struct net *net, void __user *user,
>>  		struct xt_table_info tmp;
>>
>>  		if (compat) {
>> -			ret = compat_table_info(private, &tmp);
>> +			compat_table_info(private, &tmp);
>
> why isn't it more appropriate to test the return value?
>

Oh, in this particular case, based on git blame, the code has been  
like that for more than 10 years. So my reasoning was that if it  
hasn't been fixed yet, maybe that return value is not relevant.

But in case it turns out to actually be relevant, what do you think  
about the following patch:

--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -968,7 +968,8 @@ static int get_info(struct net *net, void __user *user,

                 if (compat) {
                         ret = compat_table_info(private, &tmp);
-                       xt_compat_flush_offsets(AF_INET);
+                       if (!ret)
+                               goto out;
                         private = &tmp;
                 }
  #endif
@@ -986,14 +987,20 @@ static int get_info(struct net *net, void __user *user,
                         ret = -EFAULT;
                 else
                         ret = 0;
+       } else
+               ret = -ENOENT;

+out:
+       if (t) {
                 xt_table_unlock(t);
                 module_put(t->me);
-       } else
-               ret = -ENOENT;
+       }
+
  #ifdef CONFIG_COMPAT
-       if (compat)
+       if (compat) {
+               xt_compat_flush_offsets(AF_INET);
                 xt_compat_unlock(AF_INET);
+       }
  #endif
         return ret;
  }


Thank you!
--
Gustavo A. R. Silva

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2017-06-27  3:42 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-06-26 22:34 [PATCH] netfilter: ip_tables: remove useless variable assignment in get_info() Gustavo A. R. Silva
2017-06-27  2:46 ` Joe Perches
2017-06-27  3:42   ` Gustavo A. R. Silva

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).