diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-25 22:27:12 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-27 10:35:07 +0100 |
commit | 41175cec8407da4687493a9f74043656682d470a (patch) | |
tree | 0480536d5861270c83edc43908cc9abe5da6eb69 /src/chain.c | |
parent | 19c3da8e70d32818b7267fc63b44441295e69567 (diff) |
src: early attribute type validation in nft_*_attr_set
This allows us to remove the default case in the switch, which
show help to spot missing attribute support since gcc will spot
a compilation warning.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/chain.c')
-rw-r--r-- | src/chain.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/chain.c b/src/chain.c index 34eb91d..19e7950 100644 --- a/src/chain.c +++ b/src/chain.c @@ -142,6 +142,9 @@ EXPORT_SYMBOL(nft_chain_attr_unset); void nft_chain_attr_set(struct nft_chain *c, uint16_t attr, const void *data) { + if (attr > NFT_CHAIN_ATTR_MAX) + return; + switch(attr) { case NFT_CHAIN_ATTR_NAME: strncpy(c->name, data, NFT_CHAIN_MAXNAMELEN); @@ -182,8 +185,6 @@ void nft_chain_attr_set(struct nft_chain *c, uint16_t attr, const void *data) c->type = strdup(data); break; - default: - return; } c->flags |= (1 << attr); } |