netfilter: ipset: add missing break statemtns in ip_set_get_ip_port()

Patrick McHardy <kaber@xxxxxxxxx> · Wed, 02 Feb 2011 09:35:08 +0100

Add missing break statements.

I assume the second switch statement which handles only TCP and UDP
is intended to indicate whether a real port number instead of ICMP
port and code were parsed? Otherwise we should add IPPROTO_ICMP and
IPPROTO_ICMPV6 there too.

commit 316ed388802533bcfd3dffb38d2ba29ac5428456
Author: Patrick McHardy <kaber@xxxxxxxxx>
Date:   Wed Feb 2 09:31:37 2011 +0100

    netfilter: ipset: add missing break statemtns in ip_set_get_ip_port()
    
    Don't fall through in the switch statement, otherwise IPv4 headers
    are incorrectly parsed again as IPv6 and the return value will always
    be 'false'.
    
    Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>

diff --git a/net/netfilter/ipset/ip_set_getport.c b/net/netfilter/ipset/ip_set_getport.c
index 76737bb..4dd2785 100644
--- a/net/netfilter/ipset/ip_set_getport.c
+++ b/net/netfilter/ipset/ip_set_getport.c
@@ -118,8 +118,10 @@ ip_set_get_ip_port(const struct sk_buff *skb, u8 pf, bool src, __be16 *port)
 	switch (pf) {
 	case AF_INET:
 		ret = ip_set_get_ip4_port(skb, src, port, &proto);
+		break;
 	case AF_INET6:
 		ret = ip_set_get_ip6_port(skb, src, port, &proto);
+		break;
 	default:
 		return false;
 	}




