diff mbox series

[nf-next] netfilter: nft_extdhr: Drop pointless check of tprot_set

Message ID 20210611170826.11412-1-phil@nwl.cc
State Accepted
Delegated to: Pablo Neira
Headers show
Series [nf-next] netfilter: nft_extdhr: Drop pointless check of tprot_set | expand

Commit Message

Phil Sutter June 11, 2021, 5:08 p.m. UTC
Pablo says, tprot_set is only there to detect if tprot was set to
IPPROTO_IP as that evaluates to zero. Therefore, code asserting a
different value in tprot does not need to check tprot_set.

Fixes: 935b7f6430188 ("netfilter: nft_exthdr: add TCP option matching")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 net/netfilter/nft_exthdr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Pablo Neira Ayuso June 18, 2021, 12:48 p.m. UTC | #1
On Fri, Jun 11, 2021 at 07:08:26PM +0200, Phil Sutter wrote:
> Pablo says, tprot_set is only there to detect if tprot was set to
> IPPROTO_IP as that evaluates to zero. Therefore, code asserting a
> different value in tprot does not need to check tprot_set.

Applied, thanks.
diff mbox series

Patch

diff --git a/net/netfilter/nft_exthdr.c b/net/netfilter/nft_exthdr.c
index 9cf86be2cff4b..4f583d2e220e4 100644
--- a/net/netfilter/nft_exthdr.c
+++ b/net/netfilter/nft_exthdr.c
@@ -164,7 +164,7 @@  nft_tcp_header_pointer(const struct nft_pktinfo *pkt,
 {
 	struct tcphdr *tcph;
 
-	if (!pkt->tprot_set || pkt->tprot != IPPROTO_TCP)
+	if (pkt->tprot != IPPROTO_TCP)
 		return NULL;
 
 	tcph = skb_header_pointer(pkt->skb, nft_thoff(pkt), sizeof(*tcph), buffer);