]> git.ipfire.org Git - thirdparty/libnftnl.git/commitdiff
projects / thirdparty / libnftnl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4ed45d7)
expr: Call expr_ops::set with legal types only
authorPhil Sutter <phil@nwl.cc>
Wed, 13 Dec 2023 22:49:53 +0000 (23:49 +0100)
committerPhil Sutter <phil@nwl.cc>
Wed, 6 Mar 2024 14:40:37 +0000 (15:40 +0100)
Having the new expr_ops::nftnl_max_attr field in place, the valid range
of attribute type values is known now. Reject illegal ones upfront.

Consequently drop the default case from callbacks' switches which handle
all supported attributes.

Signed-off-by: Phil Sutter <phil@nwl.cc>
34 files changed:
src/expr.c patch | blob | blame | history
src/expr/bitwise.c patch | blob | blame | history
src/expr/byteorder.c patch | blob | blame | history
src/expr/cmp.c patch | blob | blame | history
src/expr/connlimit.c patch | blob | blame | history
src/expr/counter.c patch | blob | blame | history
src/expr/ct.c patch | blob | blame | history
src/expr/dup.c patch | blob | blame | history
src/expr/exthdr.c patch | blob | blame | history
src/expr/fib.c patch | blob | blame | history
src/expr/flow_offload.c patch | blob | blame | history
src/expr/fwd.c patch | blob | blame | history
src/expr/immediate.c patch | blob | blame | history
src/expr/inner.c patch | blob | blame | history
src/expr/last.c patch | blob | blame | history
src/expr/limit.c patch | blob | blame | history
src/expr/log.c patch | blob | blame | history
src/expr/lookup.c patch | blob | blame | history
src/expr/masq.c patch | blob | blame | history
src/expr/match.c patch | blob | blame | history
src/expr/meta.c patch | blob | blame | history
src/expr/nat.c patch | blob | blame | history
src/expr/objref.c patch | blob | blame | history
src/expr/payload.c patch | blob | blame | history
src/expr/queue.c patch | blob | blame | history
src/expr/quota.c patch | blob | blame | history
src/expr/range.c patch | blob | blame | history
src/expr/redir.c patch | blob | blame | history
src/expr/reject.c patch | blob | blame | history
src/expr/rt.c patch | blob | blame | history
src/expr/socket.c patch | blob | blame | history
src/expr/target.c patch | blob | blame | history
src/expr/tproxy.c patch | blob | blame | history
src/expr/tunnel.c patch | blob | blame | history

diff --git a/src/expr.c b/src/expr.c
index b4581f1a79ff6fcd5ec5e8c536fcebca41179958..74d211bcaa123670652e9c019b25e9bdba6f3df5 100644 (file)
--- a/src/expr.c
+++ b/src/expr.c
@@ -71,6 +71,9 @@ int nftnl_expr_set(struct nftnl_expr *expr, uint16_t type,
        case NFTNL_EXPR_NAME:   /* cannot be modified */
                return 0;
        default:
+               if (type < NFTNL_EXPR_BASE || type > expr->ops->nftnl_max_attr)
+                       return -1;
+
                if (expr->ops->set(expr, type, data, data_len) < 0)
                        return -1;
        }
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index 69efe1d7e868fe58e4f4313fb526d5d08790a96f..e219d49a5f440a46bfeec8d11aa0a97b6c25878c 100644 (file)
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -56,8 +56,6 @@ nftnl_expr_bitwise_set(struct nftnl_expr *e, uint16_t type,
                return nftnl_data_cpy(&bitwise->xor, data, data_len);
        case NFTNL_EXPR_BITWISE_DATA:
                return nftnl_data_cpy(&bitwise->data, data, data_len);
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c
index f05ae59b688eb98f8a74c2857ffa7d00ecf43fa5..8c7661fcc45ce2dec98afc22cd770c1e0be5eba7 100644 (file)
--- a/src/expr/byteorder.c
+++ b/src/expr/byteorder.c
@@ -51,8 +51,6 @@ nftnl_expr_byteorder_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_BYTEORDER_SIZE:
                memcpy(&byteorder->size, data, sizeof(byteorder->size));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/cmp.c b/src/expr/cmp.c
index 40431fad56f3ee74b386d5c46101a46aeaed194e..fe6f5997a0f3aca26b21a7580395e139acfcff2e 100644 (file)
--- a/src/expr/cmp.c
+++ b/src/expr/cmp.c
@@ -43,8 +43,6 @@ nftnl_expr_cmp_set(struct nftnl_expr *e, uint16_t type,
                break;
        case NFTNL_EXPR_CMP_DATA:
                return nftnl_data_cpy(&cmp->data, data, data_len);
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/connlimit.c b/src/expr/connlimit.c
index 3b6c36c490636241c6355b52d0c1b3280146049d..90613f2241ded08634b2b2c52a2098478350e085 100644 (file)
--- a/src/expr/connlimit.c
+++ b/src/expr/connlimit.c
@@ -38,8 +38,6 @@ nftnl_expr_connlimit_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_CONNLIMIT_FLAGS:
                memcpy(&connlimit->flags, data, sizeof(connlimit->flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/counter.c b/src/expr/counter.c
index 0595d505eb2fc00c12cb44ae3afb075a5f9b846c..a003e24c6a68d2951b31159b8464dc3679e15afd 100644 (file)
--- a/src/expr/counter.c
+++ b/src/expr/counter.c
@@ -40,8 +40,6 @@ nftnl_expr_counter_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_CTR_PACKETS:
                memcpy(&ctr->pkts, data, sizeof(ctr->pkts));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/ct.c b/src/expr/ct.c
index 36b61fdeaaf26acb55b5d60016c13b7ce0bc2fb2..197454e5477847a8d481916966992f11387f1807 100644 (file)
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -50,8 +50,6 @@ nftnl_expr_ct_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_CT_SREG:
                memcpy(&ct->sreg, data, sizeof(ct->sreg));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/dup.c b/src/expr/dup.c
index 33731cc29b1652cacd40904dc4294f6391cc724d..20100abf8b3c33abc087b62094b5fb44fc93e482 100644 (file)
--- a/src/expr/dup.c
+++ b/src/expr/dup.c
@@ -37,8 +37,6 @@ static int nftnl_expr_dup_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_DUP_SREG_DEV:
                memcpy(&dup->sreg_dev, data, sizeof(dup->sreg_dev));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c
index a1227a6cb4509422d3455c43d44f504a88e9eddb..77ff7dba37d8307e7158efbf4efe67f1b9dada0c 100644 (file)
--- a/src/expr/exthdr.c
+++ b/src/expr/exthdr.c
@@ -66,8 +66,6 @@ nftnl_expr_exthdr_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_EXTHDR_SREG:
                memcpy(&exthdr->sreg, data, sizeof(exthdr->sreg));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/fib.c b/src/expr/fib.c
index 36637bd74f056af06ccc720cf807f584f8eefe86..5d2303f9ebe8384b0e26fe91fcfee9cc729f9478 100644 (file)
--- a/src/expr/fib.c
+++ b/src/expr/fib.c
@@ -43,8 +43,6 @@ nftnl_expr_fib_set(struct nftnl_expr *e, uint16_t result,
        case NFTNL_EXPR_FIB_FLAGS:
                memcpy(&fib->flags, data, sizeof(fib->flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/flow_offload.c b/src/expr/flow_offload.c
index f60471240cc40832d4caa2128e520b32152fcc73..9ab068d29adaa8ed6a4f4ed02f5feaef764f3b82 100644 (file)
--- a/src/expr/flow_offload.c
+++ b/src/expr/flow_offload.c
@@ -25,8 +25,6 @@ static int nftnl_expr_flow_set(struct nftnl_expr *e, uint16_t type,
                if (!flow->table_name)
                        return -1;
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/fwd.c b/src/expr/fwd.c
index 3aaf328313cd9d57234bb52978a765f393c049fa..bd1b1d81eb2adf0f02e46630469cfa41bc1731ae 100644 (file)
--- a/src/expr/fwd.c
+++ b/src/expr/fwd.c
@@ -41,8 +41,6 @@ static int nftnl_expr_fwd_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_FWD_NFPROTO:
                memcpy(&fwd->nfproto, data, sizeof(fwd->nfproto));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/immediate.c b/src/expr/immediate.c
index 644603fab2f4ff3d5abeef13af146d664dcbe631..67e49025e542196055bd46923dc4663be46b9737 100644 (file)
--- a/src/expr/immediate.c
+++ b/src/expr/immediate.c
@@ -51,8 +51,6 @@ nftnl_expr_immediate_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_IMM_CHAIN_ID:
                memcpy(&imm->data.chain_id, data, sizeof(uint32_t));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/inner.c b/src/expr/inner.c
index cb6f607138ce3b1c0202991c3bf0227575c35084..515f68d7b9d72e5d390bcdba4d7e529ed62dd194 100644 (file)
--- a/src/expr/inner.c
+++ b/src/expr/inner.c
@@ -59,8 +59,6 @@ nftnl_expr_inner_set(struct nftnl_expr *e, uint16_t type,
 
                inner->expr = (void *)data;
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/last.c b/src/expr/last.c
index 273aaa1e14a858bd3fc55b75adcc6a18278d1b25..8aa772c615345f74baddae9351f692f9ea19ef94 100644 (file)
--- a/src/expr/last.c
+++ b/src/expr/last.c
@@ -37,8 +37,6 @@ static int nftnl_expr_last_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_LAST_SET:
                memcpy(&last->set, data, sizeof(last->set));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/limit.c b/src/expr/limit.c
index a1f9eac390d9116223ed2ef9fd3aa65fb20c03fa..355d46acca4e52a89b1e7e98646168e5c497bf25 100644 (file)
--- a/src/expr/limit.c
+++ b/src/expr/limit.c
@@ -52,8 +52,6 @@ nftnl_expr_limit_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_LIMIT_FLAGS:
                memcpy(&limit->flags, data, sizeof(limit->flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/log.c b/src/expr/log.c
index 6df030d83fcd2b55b78f36deac0d09151cb0c962..868da61d95795ba33605a1e2824de2842e6a93a8 100644 (file)
--- a/src/expr/log.c
+++ b/src/expr/log.c
@@ -60,8 +60,6 @@ static int nftnl_expr_log_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_LOG_FLAGS:
                memcpy(&log->flags, data, sizeof(log->flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/lookup.c b/src/expr/lookup.c
index 8b230818c1bed2a1f6055c38d961e557d2d56118..ca58a38855734f809d0efcc47f7856ffbde43cf8 100644 (file)
--- a/src/expr/lookup.c
+++ b/src/expr/lookup.c
@@ -53,8 +53,6 @@ nftnl_expr_lookup_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_LOOKUP_FLAGS:
                memcpy(&lookup->flags, data, sizeof(lookup->flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/masq.c b/src/expr/masq.c
index a103cc33e23f79bc2513b63e7f7b87222b555e13..fa2f4afe2c6001d161d5eff5e022e7b109ede18c 100644 (file)
--- a/src/expr/masq.c
+++ b/src/expr/masq.c
@@ -42,8 +42,6 @@ nftnl_expr_masq_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_MASQ_REG_PROTO_MAX:
                memcpy(&masq->sreg_proto_max, data, sizeof(masq->sreg_proto_max));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/match.c b/src/expr/match.c
index eed85db4d40d1c85809e73a06b0717d4f5221907..16e73673df3256c3cafe61ce33926133f1c3d7da 100644 (file)
--- a/src/expr/match.c
+++ b/src/expr/match.c
@@ -55,8 +55,6 @@ nftnl_expr_match_set(struct nftnl_expr *e, uint16_t type,
                mt->data = data;
                mt->data_len = data_len;
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/meta.c b/src/expr/meta.c
index f86fdffd3f14e524561bdd369e7cb967aa0f3df1..1db2c19e21342bfc1b62ac5aac4d605b11a5b01c 100644 (file)
--- a/src/expr/meta.c
+++ b/src/expr/meta.c
@@ -47,8 +47,6 @@ nftnl_expr_meta_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_META_SREG:
                memcpy(&meta->sreg, data, sizeof(meta->sreg));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/nat.c b/src/expr/nat.c
index 1d10bc1c5442d8e9f965f1d1efe1445c0cd042d7..724894a2097d48e8eeb492fa1351800df4a453ff 100644 (file)
--- a/src/expr/nat.c
+++ b/src/expr/nat.c
@@ -62,8 +62,6 @@ nftnl_expr_nat_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_NAT_FLAGS:
                memcpy(&nat->flags, data, sizeof(nat->flags));
                break;
-       default:
-               return -1;
        }
 
        return 0;
diff --git a/src/expr/objref.c b/src/expr/objref.c
index e96bd6977e93aeb5f9d9aaa4b59171be3fd9bc40..28cd2cc025b4082f7885eeca96d6ea56c721ca81 100644 (file)
--- a/src/expr/objref.c
+++ b/src/expr/objref.c
@@ -57,8 +57,6 @@ static int nftnl_expr_objref_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_OBJREF_SET_ID:
                memcpy(&objref->set.id, data, sizeof(objref->set.id));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/payload.c b/src/expr/payload.c
index f603662ac8da743bcee105775ded91cc572cb356..73cb1887368395f35a34f7331cdce6530e0852c0 100644 (file)
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -66,8 +66,6 @@ nftnl_expr_payload_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_PAYLOAD_FLAGS:
                memcpy(&payload->csum_flags, data, sizeof(payload->csum_flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/queue.c b/src/expr/queue.c
index fba65d1003b31c695fc104802e1611c063708030..3343dd47665e49932918d7a3aa241a7a6d43d064 100644 (file)
--- a/src/expr/queue.c
+++ b/src/expr/queue.c
@@ -45,8 +45,6 @@ static int nftnl_expr_queue_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_QUEUE_SREG_QNUM:
                memcpy(&queue->sreg_qnum, data, sizeof(queue->sreg_qnum));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/quota.c b/src/expr/quota.c
index d3923f3197900b5571f250413df7912f3b82b77b..2a3a05a82d6a2ff100b1b3b074fe219026655c08 100644 (file)
--- a/src/expr/quota.c
+++ b/src/expr/quota.c
@@ -41,8 +41,6 @@ static int nftnl_expr_quota_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_QUOTA_FLAGS:
                memcpy(&quota->flags, data, sizeof(quota->flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/range.c b/src/expr/range.c
index cb3708c8a003dbe350d65dbc670b2c191dfd00cb..d0c52b9a71938ad5f889c91dd2178c40344309c9 100644 (file)
--- a/src/expr/range.c
+++ b/src/expr/range.c
@@ -43,8 +43,6 @@ static int nftnl_expr_range_set(struct nftnl_expr *e, uint16_t type,
                return nftnl_data_cpy(&range->data_from, data, data_len);
        case NFTNL_EXPR_RANGE_TO_DATA:
                return nftnl_data_cpy(&range->data_to, data, data_len);
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/redir.c b/src/expr/redir.c
index eca8bfe1abd4c1343cf10b3addc587051ae0a71b..a5a5e7d5677f93aa3850dcf4dc79dc43059a283c 100644 (file)
--- a/src/expr/redir.c
+++ b/src/expr/redir.c
@@ -42,8 +42,6 @@ nftnl_expr_redir_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_REDIR_FLAGS:
                memcpy(&redir->flags, data, sizeof(redir->flags));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/reject.c b/src/expr/reject.c
index 6b923adf5e56917d26032d558973107429195857..8a0653d0f674c84fc7cacf3797625767f9d05be5 100644 (file)
--- a/src/expr/reject.c
+++ b/src/expr/reject.c
@@ -38,8 +38,6 @@ static int nftnl_expr_reject_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_REJECT_CODE:
                memcpy(&reject->icmp_code, data, sizeof(reject->icmp_code));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/rt.c b/src/expr/rt.c
index aaec43025011b37f53989cd21118a252827ffd7a..de2bd2f1f90a5e81b6d549b53fbfc1fa46e45248 100644 (file)
--- a/src/expr/rt.c
+++ b/src/expr/rt.c
@@ -37,8 +37,6 @@ nftnl_expr_rt_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_RT_DREG:
                memcpy(&rt->dreg, data, sizeof(rt->dreg));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/socket.c b/src/expr/socket.c
index ef299c456cdd1a6162de597a6c47b8ed9d87f9ce..9b6c3ea3ebb5053b1bf61752a6e713c07ffac28b 100644 (file)
--- a/src/expr/socket.c
+++ b/src/expr/socket.c
@@ -41,8 +41,6 @@ nftnl_expr_socket_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_SOCKET_LEVEL:
                memcpy(&socket->level, data, sizeof(socket->level));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/target.c b/src/expr/target.c
index ebc48bafb06cc05c0095487791d906ac943f4027..cc0566c1d4b8f195b3068ae3dcfa49292dab5a11 100644 (file)
--- a/src/expr/target.c
+++ b/src/expr/target.c
@@ -55,8 +55,6 @@ nftnl_expr_target_set(struct nftnl_expr *e, uint16_t type,
                tg->data = data;
                tg->data_len = data_len;
                break;
-       default:
-               return -1;
        }
        return 0;
 }
diff --git a/src/expr/tproxy.c b/src/expr/tproxy.c
index ac5419b1f3405143ce42c04215dd5055b3158d63..c6ed8881619181d1acff3d441703f67960108d26 100644 (file)
--- a/src/expr/tproxy.c
+++ b/src/expr/tproxy.c
@@ -42,8 +42,6 @@ nftnl_expr_tproxy_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_TPROXY_REG_PORT:
                memcpy(&tproxy->sreg_port, data, sizeof(tproxy->sreg_port));
                break;
-       default:
-               return -1;
        }
 
        return 0;
diff --git a/src/expr/tunnel.c b/src/expr/tunnel.c
index e381994707fe9e82bcaf12b02dff8fc24dfa59af..e59744b070f50f9ae5cfc1f47a4faa84ff2578e2 100644 (file)
--- a/src/expr/tunnel.c
+++ b/src/expr/tunnel.c
@@ -36,8 +36,6 @@ static int nftnl_expr_tunnel_set(struct nftnl_expr *e, uint16_t type,
        case NFTNL_EXPR_TUNNEL_DREG:
                memcpy(&tunnel->dreg, data, sizeof(tunnel->dreg));
                break;
-       default:
-               return -1;
        }
        return 0;
 }
Mirror of https://git.netfilter.org/libnftnl