cache: assert filter when calling nft_cache_evaluate()

author Pablo Neira Ayuso <pablo@netfilter.org>

Thu, 29 Aug 2024 10:42:08 +0000 (12:42 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Fri, 30 Aug 2024 10:28:10 +0000 (12:28 +0200)
author Pablo Neira Ayuso <pablo@netfilter.org>
Thu, 29 Aug 2024 10:42:08 +0000 (12:42 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Fri, 30 Aug 2024 10:28:10 +0000 (12:28 +0200)
diff --git a/src/cache.c b/src/cache.c

index 72f2972f025931849fb3f265ad45ed9d70d59c1e..8cddabdb7b989195db423d78bbd717ca8fd7c7b2 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -212,18 +212,17 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd,
  {
         switch (cmd->obj) {
         case CMD_OBJ_TABLE:
-               if (filter)
-                       filter->list.family = cmd->handle.family;
+               filter->list.family = cmd->handle.family;
                 if (!cmd->handle.table.name) {
                         flags |= NFT_CACHE_TABLE;
                         break;
-               } else if (filter) {
+               } else {
                         filter->list.table = cmd->handle.table.name;
                 }
                 flags |= NFT_CACHE_FULL;
                 break;
         case CMD_OBJ_CHAIN:
-               if (filter && cmd->handle.chain.name) {
+               if (cmd->handle.chain.name) {
                         filter->list.family = cmd->handle.family;
                         filter->list.table = cmd->handle.table.name;
                         filter->list.chain = cmd->handle.chain.name;
@@ -236,7 +235,7 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd,
                 break;
         case CMD_OBJ_SET:
         case CMD_OBJ_MAP:
-               if (filter && cmd->handle.table.name && cmd->handle.set.name) {
+               if (cmd->handle.table.name && cmd->handle.set.name) {
                         filter->list.family = cmd->handle.family;
                         filter->list.table = cmd->handle.table.name;
                         filter->list.set = cmd->handle.set.name;
@@ -256,8 +255,7 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd,
                         flags |= NFT_CACHE_SETELEM;
                 break;
         case CMD_OBJ_FLOWTABLE:
-               if (filter &&
-                   cmd->handle.table.name &&
+               if (cmd->handle.table.name &&
                     cmd->handle.flowtable.name) {
                         filter->list.family = cmd->handle.family;
                         filter->list.table = cmd->handle.table.name;
@@ -314,8 +312,6 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd,
  static unsigned int evaluate_cache_reset(struct cmd *cmd, unsigned int flags,
                                          struct nft_cache_filter *filter)
  {
-       assert(filter);
-
         switch (cmd->obj) {
         case CMD_OBJ_TABLE:
         case CMD_OBJ_CHAIN:
@@ -482,6 +478,8 @@ int nft_cache_evaluate(struct nft_ctx *nft, struct list_head *cmds,
         unsigned int flags, batch_flags = NFT_CACHE_EMPTY;
         struct cmd *cmd;
  
+       assert(filter);
+
         list_for_each_entry(cmd, cmds, list) {
                 if (nft_handle_validate(cmd, msgs) < 0)
                         return -1;
author	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 29 Aug 2024 10:42:08 +0000 (12:42 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 30 Aug 2024 10:28:10 +0000 (12:28 +0200)