Use gcc's attribute to mark fallthrough statements

gcc7 is more verbose on fallthrough warnings, and this patch set
cleans up the current state by making use of the attribute when
necessary.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

5 files changed, 46 insertions, 2 deletions

diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
index 9a7f3505bf..e427bb7da5 100644
--- a/lib/crypto-selftests-pk.c
+++ b/lib/crypto-selftests-pk.c
@@ -701,7 +701,7 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
 
 	switch (pk) {
 	case GNUTLS_PK_UNKNOWN:
-	
+		FALLTHROUGH;
 	case GNUTLS_PK_DH:
 #ifndef AVOID_INTERNALS
 		ret = test_dh();
@@ -713,15 +713,26 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
 			return 0;
 #endif
+		FALLTHROUGH;
 	case GNUTLS_PK_RSA:
 		PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 2048, GNUTLS_DIG_SHA256,
 			      rsa_key2048, rsa_sig);
 		PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 2048, 0);
 		PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_DIG_SHA256);
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		FALLTHROUGH;
 	case GNUTLS_PK_DSA:
 		PK_KNOWN_TEST(GNUTLS_PK_DSA, 0, 2048, GNUTLS_DIG_SHA256,
 			      dsa_privkey, dsa_sig);
 		PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_DIG_SHA256);
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		FALLTHROUGH;
 	case GNUTLS_PK_EC:	/* Testing ECDSA */
 		/* Test ECDH */
 #ifndef AVOID_INTERNALS
@@ -783,7 +794,6 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
 			GNUTLS_DIG_SHA512);
 
 		break;
-
 	default:
 		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
 	}
diff --git a/lib/crypto-selftests.c b/lib/crypto-selftests.c
index 289ce04847..a637223b0a 100644
--- a/lib/crypto-selftests.c
+++ b/lib/crypto-selftests.c
@@ -1130,22 +1130,31 @@ int gnutls_cipher_self_test(unsigned flags, gnutls_cipher_algorithm_t cipher)
 	case GNUTLS_CIPHER_UNKNOWN:
 		CASE(GNUTLS_CIPHER_AES_128_CCM, test_cipher_aead,
 		     aes128_ccm_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_CIPHER_AES_256_CCM, test_cipher_aead,
 		     aes256_ccm_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_CIPHER_AES_128_CBC, test_cipher,
 		     aes128_cbc_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_CIPHER_AES_192_CBC, test_cipher,
 		     aes192_cbc_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_CIPHER_AES_256_CBC, test_cipher,
 		     aes256_cbc_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_CIPHER_3DES_CBC, test_cipher,
 		     tdes_cbc_vectors);
+		FALLTHROUGH;
 		NON_FIPS_CASE(GNUTLS_CIPHER_ARCFOUR_128, test_cipher,
 		     arcfour_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_CIPHER_AES_128_GCM, test_cipher_aead,
 		     aes128_gcm_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_CIPHER_AES_256_GCM, test_cipher_aead,
 		     aes256_gcm_vectors);
+		FALLTHROUGH;
 		NON_FIPS_CASE(GNUTLS_CIPHER_CHACHA20_POLY1305, test_cipher_aead,
 		     chacha_poly1305_vectors);
 		break;
@@ -1177,10 +1186,15 @@ int gnutls_mac_self_test(unsigned flags, gnutls_mac_algorithm_t mac)
 	switch (mac) {
 	case GNUTLS_MAC_UNKNOWN:
 		FIPS_STARTUP_ONLY_TEST_CASE(GNUTLS_MAC_MD5, test_mac, hmac_md5_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_MAC_SHA1, test_mac, hmac_sha1_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_MAC_SHA224, test_mac, hmac_sha224_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_MAC_SHA256, test_mac, hmac_sha256_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_MAC_SHA384, test_mac, hmac_sha384_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_MAC_SHA512, test_mac, hmac_sha512_vectors);
 
 		break;
@@ -1212,15 +1226,24 @@ int gnutls_digest_self_test(unsigned flags, gnutls_digest_algorithm_t digest)
 	switch (digest) {
 	case GNUTLS_DIG_UNKNOWN:
 		FIPS_STARTUP_ONLY_TEST_CASE(GNUTLS_DIG_MD5, test_digest, md5_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA1, test_digest, sha1_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA224, test_digest, sha224_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA256, test_digest, sha256_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA384, test_digest, sha384_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA512, test_digest, sha512_vectors);
 #ifdef NETTLE_SHA3_FIPS202
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA3_224, test_digest, sha3_224_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA3_256, test_digest, sha3_256_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA3_384, test_digest, sha3_384_vectors);
+		FALLTHROUGH;
 		CASE(GNUTLS_DIG_SHA3_512, test_digest, sha3_512_vectors);
 #endif
 		break;
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 5cf0e6ffd8..3c93e1b5bd 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -76,6 +76,13 @@ typedef int ssize_t;
 #define likely(x)      __builtin_expect((x), 1)
 #define unlikely(x)    __builtin_expect((x), 0)
 #endif
+#if _GNUTLS_GCC_VERSION >= 70100
+#define FALLTHROUGH      __attribute__ ((fallthrough))
+#endif
+#endif
+
+#ifndef FALLTHROUGH
+# define FALLTHROUGH
 #endif
 
 #ifndef likely
diff --git a/lib/handshake.c b/lib/handshake.c
index bed26eee9b..8bf37c1630 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -2875,6 +2875,8 @@ static int handshake_client(gnutls_session_t session)
 		STATE = STATE8;
 		if (ret < 0)
 			return gnutls_assert_val(ret);
+
+		FALLTHROUGH;
 	case STATE9:
 		/* receive the server key exchange */
 		if (session->internals.resumed == RESUME_FALSE)	/* if we are not resuming */
diff --git a/lib/record.c b/lib/record.c
index 5a9f9139a5..6443018137 100644
--- a/lib/record.c
+++ b/lib/record.c
@@ -1431,7 +1431,9 @@ check_session_status(gnutls_session_t session)
 			return gnutls_assert_val(ret);
 
 		session->internals.recv_state = RECV_STATE_0;
+
 		/* Fall through: */
+		FALLTHROUGH;
 	case RECV_STATE_0:
 
 		_dtls_async_timer_check(session);