From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 10/13] netfilter: nf_tables: avoid uninitialized variable warning
Date: Fri, 21 Oct 2016 12:12:20 +0200 [thread overview]
Message-ID: <1477044743-18948-11-git-send-email-pablo@netfilter.org> (raw)
In-Reply-To: <1477044743-18948-1-git-send-email-pablo@netfilter.org>
From: Arnd Bergmann <arnd@arndb.de>
The newly added nft_range_eval() function handles the two possible
nft range operations, but as the compiler warning points out,
any unexpected value would lead to the 'mismatch' variable being
used without being initialized:
net/netfilter/nft_range.c: In function 'nft_range_eval':
net/netfilter/nft_range.c:45:5: error: 'mismatch' may be used uninitialized in this function [-Werror=maybe-uninitialized]
This removes the variable in question and instead moves the
condition into the switch itself, which is potentially more
efficient than adding a bogus 'default' clause as in my
first approach, and is nicer than using the 'uninitialized_var'
macro.
Fixes: 0f3cd9b36977 ("netfilter: nf_tables: add range expression")
Link: http://patchwork.ozlabs.org/patch/677114/
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nft_range.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/net/netfilter/nft_range.c b/net/netfilter/nft_range.c
index 9bc4586c3006..fbc88009ca2e 100644
--- a/net/netfilter/nft_range.c
+++ b/net/netfilter/nft_range.c
@@ -28,22 +28,20 @@ static void nft_range_eval(const struct nft_expr *expr,
const struct nft_pktinfo *pkt)
{
const struct nft_range_expr *priv = nft_expr_priv(expr);
- bool mismatch;
int d1, d2;
d1 = memcmp(®s->data[priv->sreg], &priv->data_from, priv->len);
d2 = memcmp(®s->data[priv->sreg], &priv->data_to, priv->len);
switch (priv->op) {
case NFT_RANGE_EQ:
- mismatch = (d1 < 0 || d2 > 0);
+ if (d1 < 0 || d2 > 0)
+ regs->verdict.code = NFT_BREAK;
break;
case NFT_RANGE_NEQ:
- mismatch = (d1 >= 0 && d2 <= 0);
+ if (d1 >= 0 && d2 <= 0)
+ regs->verdict.code = NFT_BREAK;
break;
}
-
- if (mismatch)
- regs->verdict.code = NFT_BREAK;
}
static const struct nla_policy nft_range_policy[NFTA_RANGE_MAX + 1] = {
--
2.1.4
next prev parent reply other threads:[~2016-10-21 10:12 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-21 10:12 [PATCH 00/13] Netfilter fixes for net Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 01/13] netfilter: xt_hashlimit: Add missing ULL suffixes for 64-bit constants Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 02/13] netfilter: nft_dynset: fix element timeout for HZ != 1000 Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 03/13] netfilter: conntrack: remove obsolete sysctl (nf_conntrack_events_retry_timeout) Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 04/13] netfilter: xt_NFLOG: fix unexpected truncated packet Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 05/13] netfilter: xt_ipcomp: add "ip[6]t_ipcomp" module alias name Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 06/13] netfilter: nft_hash: add missing NFTA_HASH_OFFSET's nla_policy Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 07/13] netfilter: nf_tables: underflow in nft_parse_u32_check() Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 08/13] netfilter: nft_exthdr: fix error handling in nft_exthdr_init() Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 09/13] netfilter: nft_range: validate operation netlink attribute Pablo Neira Ayuso
2016-10-21 10:12 ` Pablo Neira Ayuso [this message]
2016-10-21 10:12 ` [PATCH 11/13] netfilter: x_tables: suppress kmemcheck warning Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 12/13] netfilter: conntrack: restart gc immediately if GC_MAX_EVICTS is reached Pablo Neira Ayuso
2016-10-21 10:12 ` [PATCH 13/13] netfilter: fix nf_queue handling Pablo Neira Ayuso
2016-10-21 14:25 ` [PATCH 00/13] Netfilter fixes for net David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1477044743-18948-11-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).