diff mbox

[nf-next] netfilter: bridge: fix 2 compiler warnings

Message ID 1444061588-1692-1-git-send-email-razor@blackwall.org
State Superseded
Delegated to: Pablo Neira
Headers show

Commit Message

Nikolay Aleksandrov Oct. 5, 2015, 4:13 p.m. UTC 
From: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>

While looking at the kasan warning, I noticed there're 2 more warnings
when CONFIG_NF_DEFRAG_IPV6 and CONFIG_NF_DEFRAG_IPV4 are not defined.

1.
net/bridge//br_netfilter_hooks.c: In function ‘br_nf_dev_queue_xmit’:
net/bridge//br_netfilter_hooks.c:730:25: warning: variable ‘nf_bridge’
set but not used [-Wunused-but-set-variable]
- Introduced by
commit efb6de9b4ba0 ("netfilter: bridge: forward IPv6 fragmented packets")

2.
net/bridge//br_netfilter_hooks.c: In function ‘br_nf_dev_queue_xmit’:
net/bridge//br_netfilter_hooks.c:797:2: warning: label ‘drop’ defined
but not used [-Wunused-label]
- Introduced by
commit dd302b59bde0 ("netfilter: bridge: don't leak skb in error paths")

Simply pull the code inside the respective ifdefs.

Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
---
Compile-tested only. Patch applies to DaveM's net-next and also to
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git

 net/bridge/br_netfilter_hooks.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)
diff mbox

Patch

diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c
index 13f03671c88d..adf50432b189 100644
--- a/net/bridge/br_netfilter_hooks.c
+++ b/net/bridge/br_netfilter_hooks.c
@@ -727,7 +727,6 @@  static unsigned int nf_bridge_mtu_reduction(const struct sk_buff *skb)
 
 static int br_nf_dev_queue_xmit(struct net *net, struct sock *sk, struct sk_buff *skb)
 {
-	struct nf_bridge_info *nf_bridge;
 	unsigned int mtu_reserved;
 
 	mtu_reserved = nf_bridge_mtu_reduction(skb);
@@ -737,18 +736,20 @@  static int br_nf_dev_queue_xmit(struct net *net, struct sock *sk, struct sk_buff
 		return br_dev_queue_push_xmit(net, sk, skb);
 	}
 
-	nf_bridge = nf_bridge_info_get(skb);
-
 #if IS_ENABLED(CONFIG_NF_DEFRAG_IPV4)
 	/* This is wrong! We should preserve the original fragment
 	 * boundaries by preserving frag_list rather than refragmenting.
 	 */
 	if (skb->protocol == htons(ETH_P_IP)) {
+		struct nf_bridge_info *nf_bridge;
 		struct brnf_frag_data *data;
 
-		if (br_validate_ipv4(net, skb))
-			goto drop;
+		if (br_validate_ipv4(net, skb)) {
+			kfree_skb(skb);
+			return 0;
+		}
 
+		nf_bridge = nf_bridge_info_get(skb);
 		IPCB(skb)->frag_max_size = nf_bridge->frag_max_size;
 
 		nf_bridge_update_protocol(skb);
@@ -769,11 +770,15 @@  static int br_nf_dev_queue_xmit(struct net *net, struct sock *sk, struct sk_buff
 #if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6)
 	if (skb->protocol == htons(ETH_P_IPV6)) {
 		const struct nf_ipv6_ops *v6ops = nf_get_ipv6_ops();
+		struct nf_bridge_info *nf_bridge;
 		struct brnf_frag_data *data;
 
-		if (br_validate_ipv6(net, skb))
-			goto drop;
+		if (br_validate_ipv6(net, skb)) {
+			kfree_skb(skb);
+			return 0;
+		}
 
+		nf_bridge = nf_bridge_info_get(skb);
 		IP6CB(skb)->frag_max_size = nf_bridge->frag_max_size;
 
 		nf_bridge_update_protocol(skb);
@@ -794,9 +799,6 @@  static int br_nf_dev_queue_xmit(struct net *net, struct sock *sk, struct sk_buff
 #endif
 	nf_bridge_info_free(skb);
 	return br_dev_queue_push_xmit(net, sk, skb);
- drop:
-	kfree_skb(skb);
-	return 0;
 }
 
 /* PF_BRIDGE/POST_ROUTING ********************************************/