Commit d2e4d593 authored by Arnd Bergmann's avatar Arnd Bergmann Committed by Pablo Neira Ayuso

netfilter: nf_tables: avoid uninitialized variable warning

The newly added nft_range_eval() function handles the two possible
nft range operations, but as the compiler warning points out,
any unexpected value would lead to the 'mismatch' variable being
used without being initialized:

net/netfilter/nft_range.c: In function 'nft_range_eval':
net/netfilter/nft_range.c:45:5: error: 'mismatch' may be used uninitialized in this function [-Werror=maybe-uninitialized]

This removes the variable in question and instead moves the
condition into the switch itself, which is potentially more
efficient than adding a bogus 'default' clause as in my
first approach, and is nicer than using the 'uninitialized_var'
macro.

Fixes: 0f3cd9b3 ("netfilter: nf_tables: add range expression")
Link: http://patchwork.ozlabs.org/patch/677114/Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent ccca6607
...@@ -28,22 +28,20 @@ static void nft_range_eval(const struct nft_expr *expr, ...@@ -28,22 +28,20 @@ static void nft_range_eval(const struct nft_expr *expr,
const struct nft_pktinfo *pkt) const struct nft_pktinfo *pkt)
{ {
const struct nft_range_expr *priv = nft_expr_priv(expr); const struct nft_range_expr *priv = nft_expr_priv(expr);
bool mismatch;
int d1, d2; int d1, d2;
d1 = memcmp(&regs->data[priv->sreg], &priv->data_from, priv->len); d1 = memcmp(&regs->data[priv->sreg], &priv->data_from, priv->len);
d2 = memcmp(&regs->data[priv->sreg], &priv->data_to, priv->len); d2 = memcmp(&regs->data[priv->sreg], &priv->data_to, priv->len);
switch (priv->op) { switch (priv->op) {
case NFT_RANGE_EQ: case NFT_RANGE_EQ:
mismatch = (d1 < 0 || d2 > 0); if (d1 < 0 || d2 > 0)
regs->verdict.code = NFT_BREAK;
break; break;
case NFT_RANGE_NEQ: case NFT_RANGE_NEQ:
mismatch = (d1 >= 0 && d2 <= 0); if (d1 >= 0 && d2 <= 0)
regs->verdict.code = NFT_BREAK;
break; break;
} }
if (mismatch)
regs->verdict.code = NFT_BREAK;
} }
static const struct nla_policy nft_range_policy[NFTA_RANGE_MAX + 1] = { static const struct nla_policy nft_range_policy[NFTA_RANGE_MAX + 1] = {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment