On Thu, Nov 26, 2015 at 09:32:02AM +0000, Linmujia wrote:
> Hi,I reviewed nftables code and add some default branch for code itegrality.
>
> Thanks!
>
> Signed-off-by: linmujia <linmujia@xxxxxxxxxx>
> ---
> src/netlink.c | 25 +++++++++++++++++++++++++
> 1 file changed, 25 insertions(+)
>
> diff --git a/src/netlink.c b/src/netlink.c
> index 974afb1..7821169 100644
> --- a/src/netlink.c
> +++ b/src/netlink.c
> @@ -307,6 +307,8 @@ static void netlink_gen_verdict(const struct expr *expr,
> strncpy(data->chain, expr->chain, NFT_CHAIN_MAXNAMELEN);
> data->chain[NFT_CHAIN_MAXNAMELEN-1] = '\0';
> break;
> + default:
> + BUG("invalid verdict value %u\n", expr->verdict);
> }
> }
> @@ -1670,6 +1672,8 @@ static uint32_t netlink_msg2nftnl_of(uint32_t msg)
> case NFT_MSG_DELSETELEM:
> case NFT_MSG_DELRULE:
> return NFTNL_OF_EVENT_DEL;
> + default:
> + BUG("invalid nft msg type %u\n", msg);
> }
> return 0;
> @@ -1741,6 +1745,8 @@ static int netlink_events_table_cb(const struct nlmsghdr *nlh, int type,
> netlink_msg2nftnl_of(type));
> fprintf(stdout, "\n");
> break;
> + default:
> + BUG("invalid output format %u\n", monh->format);
This will break old nft versions with new kernels, in case we add new
netlink messages.
And that is very likely to happen.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
