Commit ac2b47fb authored by Paolo Abeni's avatar Paolo Abeni Committed by David S. Miller
Browse files

mptcp: fix uninitialized value access 



tcp_v{4,6}_syn_recv_sock() set 'own_req' only when returning
a not NULL 'child', let's check 'own_req' only if child is
available to avoid an - unharmful - UBSAN splat.

v1 -> v2:
 - reference the correct hash

Fixes: 4c8941de ("mptcp: avoid flipping mp_capable field in syn_recv_sock()")
Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 8c755953

net/mptcp/subflow.c

+1 −1
Original line number Diff line number Diff line
@@ -523,7 +523,7 @@ out: 
	/* check for expected invariant - should never trigger, just help

	 * catching eariler subtle bugs

	 */

	WARN_ON_ONCE(*own_req && child && tcp_sk(child)->is_mptcp &&

	WARN_ON_ONCE(child && *own_req && tcp_sk(child)->is_mptcp &&

		     (!mptcp_subflow_ctx(child) ||

		      !mptcp_subflow_ctx(child)->conn));

	return child;

CRA Git | Maintained and supported by SUSTech CRA and CCSE