netfilter: flowtable: add a 'default' case to flowtable datapath

Add a 'default' case in case return a uninitialized value of ret, this
should not ever happen since the follow transmit path types:

- FLOW_OFFLOAD_XMIT_UNSPEC
- FLOW_OFFLOAD_XMIT_TC

are never observed from this path. Add this check for safety reasons.

Signed-off-by: Li Qiong <liqiong@nfschina.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c
index b350fe9..19efba1 100644 (file)
--- a/net/netfilter/nf_flow_table_ip.c
+++ b/net/netfilter/nf_flow_table_ip.c
@@ -421,6 +421,10 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb,
                if (ret == NF_DROP)
                        flow_offload_teardown(flow);
                break;
+       default:
+               WARN_ON_ONCE(1);
+               ret = NF_DROP;
+               break;
        }
 
        return ret;
@@ -682,6 +686,10 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb,
                if (ret == NF_DROP)
                        flow_offload_teardown(flow);
                break;
+       default:
+               WARN_ON_ONCE(1);
+               ret = NF_DROP;
+               break;
        }
 
        return ret;