Mark fall through cases in switch() statements

Typical covscan complaint, non-empty fall throughs should be marked as
such. There was but a single case which should break instead, namely in
libebt_log.c: It is not critical, since the next case merely asserts
'invert' being zero (which can't be as it was checked before). But while
being at it, introduce log_chk_inv() to consolidate the semantically
equal cases for the various log types.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/extensions/libebt_log.c b/extensions/libebt_log.c
index a86bdebaaae0ae4ea9048c032184490fa11e1934..8858cf0e22c0032cc82ba7b84ae05155b9f41801 100644 (file)
--- a/extensions/libebt_log.c
+++ b/extensions/libebt_log.c
@@ -92,6 +92,14 @@ static void brlog_init(struct xt_entry_target *t)
        loginfo->loglevel = LOG_NOTICE;
 }
 
+static unsigned int log_chk_inv(int inv, unsigned int bit, const char *suffix)
+{
+       if (inv)
+               xtables_error(PARAMETER_PROBLEM,
+                             "Unexpected `!' after --log%s", suffix);
+       return bit;
+}
+
 static int brlog_parse(int c, char **argv, int invert, unsigned int *flags,
                       const void *entry, struct xt_entry_target **target)
 {
@@ -125,26 +133,16 @@ static int brlog_parse(int c, char **argv, int invert, unsigned int *flags,
                                      "Problem with the log-level");
                break;
        case LOG_IP:
-               if (invert)
-                       xtables_error(PARAMETER_PROBLEM,
-                                     "Unexpected `!' after --log-ip");
-               loginfo->bitmask |= EBT_LOG_IP;
+               loginfo->bitmask |= log_chk_inv(invert, EBT_LOG_IP, "-ip");
                break;
        case LOG_ARP:
-               if (invert)
-                       xtables_error(PARAMETER_PROBLEM,
-                                     "Unexpected `!' after --log-arp");
-               loginfo->bitmask |= EBT_LOG_ARP;
+               loginfo->bitmask |= log_chk_inv(invert, EBT_LOG_ARP, "-arp");
+               break;
        case LOG_LOG:
-               if (invert)
-                       xtables_error(PARAMETER_PROBLEM,
-                                     "Unexpected `!' after --log");
+               loginfo->bitmask |= log_chk_inv(invert, 0, "");
                break;
        case LOG_IP6:
-               if (invert)
-                       xtables_error(PARAMETER_PROBLEM,
-                                     "Unexpected `!' after --log-ip6");
-               loginfo->bitmask |= EBT_LOG_IP6;
+               loginfo->bitmask |= log_chk_inv(invert, EBT_LOG_IP6, "-ip6");
                break;
        default:
                return 0;

diff --git a/extensions/libxt_set.c b/extensions/libxt_set.c
index 679c04c75b0f65da8f6e9a5665c22644d3d6c58b..16921023a22f8694c3b2d1eaf6dc55d2666005d3 100644 (file)
--- a/extensions/libxt_set.c
+++ b/extensions/libxt_set.c
@@ -60,6 +60,7 @@ set_parse_v0(int c, char **argv, int invert, unsigned int *flags,
        case '2':
                fprintf(stderr,
                        "--set option deprecated, please use --match-set\n");
+               /* fall through */
        case '1':               /* --match-set <set> <flag>[,<flag> */
                if (info->u.flags[0])
                        xtables_error(PARAMETER_PROBLEM,
@@ -140,6 +141,7 @@ set_parse_v1(int c, char **argv, int invert, unsigned int *flags,
        case '2':
                fprintf(stderr,
                        "--set option deprecated, please use --match-set\n");
+               /* fall through */
        case '1':               /* --match-set <set> <flag>[,<flag> */
                if (info->dim)
                        xtables_error(PARAMETER_PROBLEM,
@@ -238,6 +240,7 @@ set_parse_v2(int c, char **argv, int invert, unsigned int *flags,
        case '2':
                fprintf(stderr,
                        "--set option deprecated, please use --match-set\n");
+               /* fall through */
        case '1':               /* --match-set <set> <flag>[,<flag> */
                if (info->dim)
                        xtables_error(PARAMETER_PROBLEM,
@@ -415,6 +418,7 @@ set_parse_v3(int c, char **argv, int invert, unsigned int *flags,
        case '2':
                fprintf(stderr,
                        "--set option deprecated, please use --match-set\n");
+               /* fall through */
        case '1':               /* --match-set <set> <flag>[,<flag> */
                if (info->match_set.dim)
                        xtables_error(PARAMETER_PROBLEM,
@@ -583,6 +587,7 @@ set_parse_v4(int c, char **argv, int invert, unsigned int *flags,
        case '2':
                fprintf(stderr,
                        "--set option deprecated, please use --match-set\n");
+               /* fall through */
        case '1':               /* --match-set <set> <flag>[,<flag> */
                if (info->match_set.dim)
                        xtables_error(PARAMETER_PROBLEM,

diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index c8414294833c532d2c4599601e4f5ed7f2b350b5..a38ffd3aa1145e16facc882199f398edbac127ca 100644 (file)
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -547,6 +547,7 @@ void nft_parse_immediate(struct nft_xt_ctx *ctx, struct nftnl_expr *e)
                break;;
        case NFT_GOTO:
                nft_goto = true;
+               /* fall through */
        case NFT_JUMP:
                jumpto = chain;
                break;