tree:
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head: b4464bcab38d3f7fe995a7cb960eeac6889bec08
commit: 3b49e2e94e6ebb8b23d0955d9e898254455734f8 [8286/9035] netfilter:
nf_tables: add flow table netlink frontend
The following is a 0-day report generated by Coccinel
The subject line is not very clear. Apparently, some buffer (which one?)
is not null terminated (but what will you do about it?). It would be
better to say what is done inthe subject line, eg Use snprintf rather than
strncpy, and then as you already do explain why the change is desirable in
the c
@@
e@i@p
@depends on !bad disable optional_qualifier@
identifier r.i;
@@
static
+const
struct nf_loginfo i = { ... };
//
Signed-off-by: Julia Lawall
---
net/ipv4/netfilter/ip_tables.c |2 +-
net/ipv4/netfilter/nf_log_arp.c |2 +-
net/ipv4/netfilter/nf_log_ipv4.c |2 +-
net/ipv6/n
making some nf_conntrack_l3/4proto structures const
subsequently.
Done with the help of Coccinelle.
Signed-off-by: Julia Lawall
---
v3:
Rebased against nf-next. Some functions, such as
nf_ct_l3proto_pernet_register, are no longer defined, so they are no longer
updated.
include/net/netfilter
When a nf_conntrack_l3/4proto parameter is not on the left hand side
of an assignment, its address is not taken, and it is not passed to a
function that may modify its fields, then it can be declared as const.
This change is useful from a documentation point of view, and can
possibly facilitate ma
When a nf_conntrack_l3/4proto parameter is not on the left hand side
of an assignment, its address is not taken, and it is not passed to a
function that may modify its fields, then it can be declared as const.
This change is useful from a documentation point of view, and can
possibly facilitate ma
making some nf_conntrack_l3/4proto structures const
subsequently.
Done with the help of Coccinelle.
Some spacing adjusted to fit within 80 characters.
Signed-off-by: Julia Lawall
---
v2: Added consideration of array parameters. This adds transformation of
nf_ct_l4proto_pernet_register and
On Sat, 29 Jul 2017, Florian Westphal wrote:
> Julia Lawall wrote:
> > When a nf_conntrack_l3/4proto parameter is not on the left hand side
> > of an assignment, its address is not taken, and it is not passed to a
> > function that may modify its fields, then it can
When a nf_conntrack_l3/4proto parameter is not on the left hand side
of an assignment, its address is not taken, and it is not passed to a
function that may modify its fields, then it can be declared as const.
This change is useful from a documentation point of view, and can
possibly facilitate ma
making some nf_conntrack_l3/4proto structures const
subsequently.
Done with the help of Coccinelle.
Some spacing adjusted to fit within 80 characters.
Signed-off-by: Julia Lawall
---
include/net/netfilter/nf_conntrack_l3proto.h |6 +++---
include/net/netfilter/nf_conntrack_l4proto.h |8
On Sat, 29 Jul 2017, Florian Westphal wrote:
> Julia Lawall wrote:
> > On Sat, 29 Jul 2017, Florian Westphal wrote:
> > > From a quick glance I don't see why we can't e.g. constify
> > > nf_conntrack_l3/4_proto too. It is not going to be as simple
> >
On Sat, 29 Jul 2017, Florian Westphal wrote:
> Julia Lawall wrote:
> >
> >
> > On Sat, 29 Jul 2017, Florian Westphal wrote:
> >
> > > Julia Lawall wrote:
> > > > The nf_hook_ops structure is only passed as the second argument to
> > >
On Sat, 29 Jul 2017, Florian Westphal wrote:
> Julia Lawall wrote:
> > The nf_hook_ops structure is only passed as the second argument to
> > nf_register_net_hook or nf_unregister_net_hook, both of which are
> > declared as const. Thus the nf_hook_ops structure it
r.i;
@@
static
+const
struct nf_hook_ops i = { ... };
//
Signed-off-by: Julia Lawall
---
net/ipv4/netfilter/ipt_CLUSTERIP.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c
b/net/ipv4/netfilter/ipt_CLUSTERIP.c
index efaa04d..17b4ca5 10
r.i;
@@
static
+const
struct nf_hook_ops i = { ... };
//
Signed-off-by: Julia Lawall
---
net/decnet/netfilter/dn_rtmsg.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c
index aa8ffec..ab395e5 100644
--- a
The nf_hook_ops structure is only passed as the second argument to
nf_register_net_hook or nf_unregister_net_hook, both of which are
declared as const. Thus the nf_hook_ops structure itself can be
const.
Done with the help of Coccinelle.
---
net/decnet/netfilter/dn_rtmsg.c|2 +-
net/ip
On Wed, 29 Mar 2017, Arushi Singhal wrote:
> This patch uses the following coccinelle script to remove
> a variable that was simply used to store the return
> value of a function call before returning it:
>
> @@
> identifier len,f;
> @@
>
> -int len;
> ... when != len
> when strict
> -len
On Tue, 28 Mar 2017, simran singhal wrote:
> The following Coccinelle script was used to detect this:
> @r@
> expression x;
> void* e;
> type T;
> identifier f;
> @@
> (
> *((T *)e)
> |
> ((T *)x)[...]
> |
> ((T*)x)->f
> |
>
> - (T*)
> e
> )
>
> Signed-off-by: simran singhal
> ---
> ne
On Tue, 28 Mar 2017, Gargi Sharma wrote:
> On Tue, Mar 28, 2017 at 12:45 AM, Gargi Sharma wrote:
> > On Tue, Mar 28, 2017 at 12:42 AM, Pablo Neira Ayuso
> > wrote:
> >>
> >> On Tue, Mar 28, 2017 at 12:40:15AM +0530, Gargi Sharma wrote:
> >> > The struct of the type option is only used to ini
--
Date: Thu, 23 Feb 2017 12:43:05 +0800
From: kbuild test robot
To: kbu...@01.org
Cc: Julia Lawall
Subject: Re: [PATCH V2] audit: normalize NETFILTER_PKT
CC: kbuild-...@01.org
In-Reply-To:
<9504740e9333a0b7074abe0dddfc487aeeae6cff.1487813996.git@redhat.com>
Hi Richard,
[auto buil
... when != t=e
- IS_ERR_OR_NULL(t)
+ !t
@@
expression t,e,e1;
@@
t = \(xt_find_table_lock(...)\|
try_then_request_module(xt_find_table_lock(...),...)\)
... when != t=e
?- t ? PTR_ERR(t) : e1
+ e1
... when any
//
Signed-off-by: Julia Lawall
---
net/ipv4/netfilter/arp_
On Fri, 11 Nov 2016, Florian Westphal wrote:
> Julia Lawall wrote:
> > The function xt_find_table_lock defined in net/netfilter/x_tables.c is
> > preceeded by a comment that says that it returns ERR_PTR() on error. But
> > looking at the definition, I only see occurrenc
The function xt_find_table_lock defined in net/netfilter/x_tables.c is
preceeded by a comment that says that it returns ERR_PTR() on error. But
looking at the definition, I only see occurrences of return NULL and
returns of pointers that have previously been dereferenced. Is it the
code or the do
On Mon, 29 Feb 2016, Jozsef Kadlecsik wrote:
> Hi,
>
> On Mon, 29 Feb 2016, Julia Lawall wrote:
>
> > The file net/netfilter/ipset/ip_set_bitmap_ipmac.c seems to contain a lot
> > of static functions that are not used in the file:
> >
> > bitmap_ipmac
The file net/netfilter/ipset/ip_set_bitmap_ipmac.c seems to contain a lot
of static functions that are not used in the file:
bitmap_ipmac_add_timeout
bitmap_ipmac_do_add
bitmap_ipmac_do_del
bitmap_ipmac_do_head
bitmap_ipmac_do_list
bitmap_ipmac_do_test
bitmap_ipmac_gc_test
bitmap_ipmac_is_filled
b
25 matches
Mail list logo
