Re: [PATCH nf-next] netfilter: ftp: Remove the useless dlen==0 condition check in find_pattern

Feng Gao <gfree.wind@xxxxxxxxx> · Thu, 1 Sep 2016 19:01:51 +0800

On Thu, Sep 1, 2016 at 6:20 PM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Thu, Sep 01, 2016 at 10:26:08AM +0800, Feng Gao wrote:
>> On Thu, Sep 1, 2016 at 10:14 AM,  <fgao@xxxxxxxxxx> wrote:
>> > From: Gao Feng <fgao@xxxxxxxxxx>
>> >
>> > The caller function "help" has already make sure the datalen could not be zero
>> > before invoke find_pattern as a parameter by the following codes
>> >
>> >         if (dataoff >= skb->len) {
>> >                 pr_debug("ftp: dataoff(%u) >= skblen(%u)\n", dataoff,
>> >                          skb->len);
>> >                 return NF_ACCEPT;
>> >         }
>> >         datalen = skb->len - dataoff;
>> >
>> > And the latter codes "ends_in_nl = (fb_ptr[datalen - 1] == '\n');" use datalen
>> > directly without checking if it is zero.
>> >
>> > So it is unneccessary to check it in find_pattern too.
>> >
>> > Signed-off-by: Gao Feng <fgao@xxxxxxxxxx>
>> > ---
>> >  net/netfilter/nf_conntrack_ftp.c | 12 ------------
>> >  1 file changed, 12 deletions(-)
>> >
>> > diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c
>> > index b6934b5..77f05ac 100644
>> > --- a/net/netfilter/nf_conntrack_ftp.c
>> > +++ b/net/netfilter/nf_conntrack_ftp.c
>> > @@ -301,8 +301,6 @@ static int find_pattern(const char *data, size_t dlen,
>> >         size_t i = plen;
>> >
>> >         pr_debug("find_pattern `%s': dlen = %Zu\n", pattern, dlen);
>> > -       if (dlen == 0)
>> > -               return 0;
>> >
>> >         if (dlen <= plen) {
>> >                 /* Short packet: try for partial? */
>> > @@ -312,16 +310,6 @@ static int find_pattern(const char *data, size_t dlen,
>> >         }
>> >
>> >         if (strncasecmp(data, pattern, plen) != 0) {
>> > -#if 0
>> > -               size_t i;
>> > -
>> > -               pr_debug("ftp: string mismatch\n");
>> > -               for (i = 0; i < plen; i++) {
>> > -                       pr_debug("ftp:char %u `%c'(%u) vs `%c'(%u)\n",
>> > -                                i, data[i], data[i],
>> > -                                pattern[i], pattern[i]);
>> > -               }
>> > -#endif
>> >                 return 0;
>> >         }
>> >
>> > --
>> > 1.9.1
>> >
>> >
>>
>> Sorry, I forget one point. I also remove some codes which are
>> commented out by #if0.
>
> Please, do this in a separated patch. Thanks.

Done.
I thought the "#if 0" change is very tiny, and it did not deserve one commit.

Now I get it. It needs one separate commit, even though how tiny it is.

Best Regards
Feng
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html