From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [iptables PATCH v2 01/24] xtables_error() does not return
Date: Wed, 25 Sep 2019 23:25:42 +0200 [thread overview]
Message-ID: <20190925212605.1005-2-phil@nwl.cc> (raw)
In-Reply-To: <20190925212605.1005-1-phil@nwl.cc>
It's a define which resolves into a callback which in turn is declared
with noreturn attribute. It will never return, therefore drop all
explicit exit() calls or other dead code immediately following it.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
iptables/iptables-restore.c | 18 ++++++------------
iptables/iptables-xml.c | 22 +++++++---------------
iptables/nft.c | 8 ++------
iptables/xshared.c | 1 -
iptables/xtables-restore.c | 13 ++++---------
5 files changed, 19 insertions(+), 43 deletions(-)
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
index 430be18b3c300..6bc182bfae4a2 100644
--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -82,11 +82,10 @@ create_handle(struct iptables_restore_cb *cb, const char *tablename)
handle = cb->ops->init(tablename);
}
- if (!handle) {
+ if (!handle)
xtables_error(PARAMETER_PROBLEM, "%s: unable to initialize "
"table '%s'\n", xt_params->program_name, tablename);
- exit(1);
- }
+
return handle;
}
@@ -207,12 +206,11 @@ ip46tables_restore_main(struct iptables_restore_cb *cb, int argc, char *argv[])
table = strtok(buffer+1, " \t\n");
DEBUGP("line %u, table '%s'\n", line, table);
- if (!table) {
+ if (!table)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u table name invalid\n",
xt_params->program_name, line);
- exit(1);
- }
+
strncpy(curtable, table, XT_TABLE_MAXNAMELEN);
curtable[XT_TABLE_MAXNAMELEN] = '\0';
@@ -248,12 +246,10 @@ ip46tables_restore_main(struct iptables_restore_cb *cb, int argc, char *argv[])
chain = strtok(buffer+1, " \t\n");
DEBUGP("line %u, chain '%s'\n", line, chain);
- if (!chain) {
+ if (!chain)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u chain name invalid\n",
xt_params->program_name, line);
- exit(1);
- }
if (strlen(chain) >= XT_EXTENSION_MAXNAMELEN)
xtables_error(PARAMETER_PROBLEM,
@@ -281,12 +277,10 @@ ip46tables_restore_main(struct iptables_restore_cb *cb, int argc, char *argv[])
policy = strtok(NULL, " \t\n");
DEBUGP("line %u, policy '%s'\n", line, policy);
- if (!policy) {
+ if (!policy)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u policy invalid\n",
xt_params->program_name, line);
- exit(1);
- }
if (strcmp(policy, "-") != 0) {
struct xt_counters count = {};
diff --git a/iptables/iptables-xml.c b/iptables/iptables-xml.c
index 9d9ce6d4a13ee..36ad78450b1ef 100644
--- a/iptables/iptables-xml.c
+++ b/iptables/iptables-xml.c
@@ -208,12 +208,11 @@ needChain(char *chain)
static void
saveChain(char *chain, char *policy, struct xt_counters *ctr)
{
- if (nextChain >= maxChains) {
+ if (nextChain >= maxChains)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u chain name invalid\n",
prog_name, line);
- exit(1);
- };
+
chains[nextChain].chain = strdup(chain);
chains[nextChain].policy = strdup(policy);
chains[nextChain].count = *ctr;
@@ -606,12 +605,11 @@ iptables_xml_main(int argc, char *argv[])
table = strtok(buffer + 1, " \t\n");
DEBUGP("line %u, table '%s'\n", line, table);
- if (!table) {
+ if (!table)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u table name invalid\n",
prog_name, line);
- exit(1);
- }
+
openTable(table);
ret = 1;
@@ -623,23 +621,19 @@ iptables_xml_main(int argc, char *argv[])
chain = strtok(buffer + 1, " \t\n");
DEBUGP("line %u, chain '%s'\n", line, chain);
- if (!chain) {
+ if (!chain)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u chain name invalid\n",
prog_name, line);
- exit(1);
- }
DEBUGP("Creating new chain '%s'\n", chain);
policy = strtok(NULL, " \t\n");
DEBUGP("line %u, policy '%s'\n", line, policy);
- if (!policy) {
+ if (!policy)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u policy invalid\n",
prog_name, line);
- exit(1);
- }
ctrs = strtok(NULL, " \t\n");
parse_counters(ctrs, &count);
@@ -735,13 +729,11 @@ iptables_xml_main(int argc, char *argv[])
param_buffer[1] != '-' &&
strchr(param_buffer, 't')) ||
(!strncmp(param_buffer, "--t", 3) &&
- !strncmp(param_buffer, "--table", strlen(param_buffer)))) {
+ !strncmp(param_buffer, "--table", strlen(param_buffer))))
xtables_error(PARAMETER_PROBLEM,
"Line %u seems to have a "
"-t table option.\n",
line);
- exit(1);
- }
add_argv(param_buffer, quoted);
if (newargc >= 2
diff --git a/iptables/nft.c b/iptables/nft.c
index 8047a51f00493..90bb0c63c025a 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2517,10 +2517,8 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
ops = nft_family_ops_lookup(h->family);
- if (!nft_is_table_compatible(h, table)) {
+ if (!nft_is_table_compatible(h, table))
xtables_error(OTHER_PROBLEM, "table `%s' is incompatible, use 'nft' tool.\n", table);
- return 0;
- }
list = nft_chain_list_get(h, table);
if (!list)
@@ -2620,10 +2618,8 @@ int nft_rule_list_save(struct nft_handle *h, const char *chain,
nft_xt_builtin_init(h, table);
- if (!nft_is_table_compatible(h, table)) {
+ if (!nft_is_table_compatible(h, table))
xtables_error(OTHER_PROBLEM, "table `%s' is incompatible, use 'nft' tool.\n", table);
- return 0;
- }
list = nft_chain_list_get(h, table);
if (!list)
diff --git a/iptables/xshared.c b/iptables/xshared.c
index 36a2ec5f193d3..5e6cd4ae7c908 100644
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -181,7 +181,6 @@ int command_default(struct iptables_command_state *cs,
xtables_error(PARAMETER_PROBLEM, "unknown option "
"\"%s\"", cs->argv[optind-1]);
xtables_error(PARAMETER_PROBLEM, "Unknown arg \"%s\"", optarg);
- return 0;
}
static mainfunc_t subcmd_get(const char *cmd, const struct subcommand *cb)
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index f930f5ba2d167..27e65b971727e 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -131,12 +131,11 @@ void xtables_restore_parse(struct nft_handle *h,
table = strtok(buffer+1, " \t\n");
DEBUGP("line %u, table '%s'\n", line, table);
- if (!table) {
+ if (!table)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u table name invalid\n",
xt_params->program_name, line);
- exit(1);
- }
+
curtable = nft_table_builtin_find(h, table);
if (!curtable)
xtables_error(PARAMETER_PROBLEM,
@@ -168,12 +167,10 @@ void xtables_restore_parse(struct nft_handle *h,
chain = strtok(buffer+1, " \t\n");
DEBUGP("line %u, chain '%s'\n", line, chain);
- if (!chain) {
+ if (!chain)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u chain name invalid\n",
xt_params->program_name, line);
- exit(1);
- }
if (strlen(chain) >= XT_EXTENSION_MAXNAMELEN)
xtables_error(PARAMETER_PROBLEM,
@@ -183,12 +180,10 @@ void xtables_restore_parse(struct nft_handle *h,
policy = strtok(NULL, " \t\n");
DEBUGP("line %u, policy '%s'\n", line, policy);
- if (!policy) {
+ if (!policy)
xtables_error(PARAMETER_PROBLEM,
"%s: line %u policy invalid\n",
xt_params->program_name, line);
- exit(1);
- }
if (nft_chain_builtin_find(curtable, chain)) {
if (counters) {
--
2.23.0
next prev parent reply other threads:[~2019-09-25 21:27 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-25 21:25 [iptables PATCH v2 00/24] Improve iptables-nft performance with large rulesets Phil Sutter
2019-09-25 21:25 ` Phil Sutter [this message]
2019-09-25 21:31 ` [iptables PATCH v2 01/24] xtables_error() does not return Florian Westphal
2019-09-25 21:47 ` Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 02/24] tests/shell: Speed up ipt-restore/0004-restore-race_0 Phil Sutter
2019-09-26 9:07 ` Florian Westphal
2019-09-25 21:25 ` [iptables PATCH v2 03/24] tests: shell: Support running for legacy/nft only Phil Sutter
2019-09-27 14:19 ` Florian Westphal
2019-09-30 16:20 ` Pablo Neira Ayuso
2019-09-25 21:25 ` [iptables PATCH v2 04/24] nft: Fix for add and delete of same rule in single batch Phil Sutter
2019-09-27 14:20 ` Florian Westphal
2019-09-30 16:36 ` Pablo Neira Ayuso
2019-09-25 21:25 ` [iptables PATCH v2 05/24] nft: Make nftnl_table_list_get() fetch only tables Phil Sutter
2019-09-27 14:25 ` Florian Westphal
2019-09-25 21:25 ` [iptables PATCH v2 06/24] xtables-restore: Minimize caching when flushing Phil Sutter
2019-09-27 14:27 ` Florian Westphal
2019-09-25 21:25 ` [iptables PATCH v2 07/24] nft: Support fetch_rule_cache() per chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 08/24] nft: Fetch only chains in nft_chain_list_get() Phil Sutter
2019-09-30 16:57 ` Pablo Neira Ayuso
2019-09-30 17:12 ` Pablo Neira Ayuso
2019-09-25 21:25 ` [iptables PATCH v2 09/24] nft: Support fetch_chain_cache() per table Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 10/24] nft: Support fetch_chain_cache() per chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 11/24] nft: Support nft_chain_list_get() " Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 12/24] nft: Reduce cache overhead of adding a custom chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 13/24] nft: Reduce cache overhead of nft_chain_builtin_init() Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 14/24] nft: Support nft_is_table_compatible() per chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 15/24] nft: Optimize flushing all chains of a table Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 16/24] xtables-restore: Introduce rule counter tokenizer function Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 17/24] xtables-restore: Carry in_table in struct nft_xt_restore_parse Phil Sutter
2019-09-30 16:30 ` Pablo Neira Ayuso
2019-09-30 16:31 ` Pablo Neira Ayuso
2019-09-25 21:25 ` [iptables PATCH v2 18/24] xtables-restore: Use xt_params->program_name Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 19/24] xtables-restore: Carry curtable in struct nft_xt_restore_parse Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 20/24] xtables-restore: Introduce line parsing function Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 21/24] tests: shell: Add ipt-restore/0007-flush-noflush_0 Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 22/24] xtables-restore: Remove some pointless linebreaks Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 23/24] xtables-restore: Allow lines without trailing newline character Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 24/24] xtables-restore: Improve performance of --noflush operation Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190925212605.1005-2-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).