ipvs: uninitialized data with IP_VS_IPV6

commit 3b05ac3824ed9648c0d9c02d51d9b54e4e7e874f upstream. The app_tcp_pkt_out() function expects "*diff" to be set and ends up using uninitialized data if CONFIG_IP_VS_IPV6 is turned on. The same issue is there in app_tcp_pkt_in(). Thanks to Julian Anastasov for noticing that. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

ipvs: uninitialized data with IP_VS_IPV6
commit 3b05ac3824ed9648c0d9c02d51d9b54e4e7e874f upstream. The app_tcp_pkt_out() function expects "*diff" to be set and ends up using uninitialized data if CONFIG_IP_VS_IPV6 is turned on. The same issue is there in app_tcp_pkt_in(). Thanks to Julian Anastasov for noticing that. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Dan Carpenter · Greg Kroah-Hartman
1 parent 4270214a95
Showing 1 changed file with 5 additions and 5 deletions Side-by-side Diff
net/netfilter/ipvs/ip_vs_ftp.c
@@ -183,6 +183,8 @@
 	struct nf_conn *ct;
 	struct net *net;
  
+	*diff = 0;
+
 #ifdef CONFIG_IP_VS_IPV6
 	/* This application helper doesn't work with IPv6 yet,
 	 * so turn this into a no-op for IPv6 packets
@@ -191,8 +193,6 @@
 		return 1;
 #endif
  
-	*diff = 0;
-
 	/* Only useful for established sessions */
 	if (cp->state != IP_VS_TCP_S_ESTABLISHED)
 		return 1;
@@ -322,6 +322,9 @@
 	struct ip_vs_conn *n_cp;
 	struct net *net;
  
+	/* no diff required for incoming packets */
+	*diff = 0;
+
 #ifdef CONFIG_IP_VS_IPV6
 	/* This application helper doesn't work with IPv6 yet,
 	 * so turn this into a no-op for IPv6 packets
@@ -329,9 +332,6 @@
 	if (cp->af == AF_INET6)
 		return 1;
 #endif
-
-	/* no diff required for incoming packets */
-	*diff = 0;
  
 	/* Only useful for established sessions */
 	if (cp->state != IP_VS_TCP_S_ESTABLISHED)
...	...	@@ -183,6 +183,8 @@
183	183	struct nf_conn *ct;
184	184	struct net *net;
185	185
	186	+ *diff = 0;
	187	+
186	188	#ifdef CONFIG_IP_VS_IPV6
187	189	/* This application helper doesn't work with IPv6 yet,
188	190	* so turn this into a no-op for IPv6 packets
...	...	@@ -191,8 +193,6 @@
191	193	return 1;
192	194	#endif
193	195
194		- *diff = 0;
195		-
196	196	/* Only useful for established sessions */
197	197	if (cp->state != IP_VS_TCP_S_ESTABLISHED)
198	198	return 1;
...	...	@@ -322,6 +322,9 @@
322	322	struct ip_vs_conn *n_cp;
323	323	struct net *net;
324	324
	325	+ /* no diff required for incoming packets */
	326	+ *diff = 0;
	327	+
325	328	#ifdef CONFIG_IP_VS_IPV6
326	329	/* This application helper doesn't work with IPv6 yet,
327	330	* so turn this into a no-op for IPv6 packets
...	...	@@ -329,9 +332,6 @@
329	332	if (cp->af == AF_INET6)
330	333	return 1;
331	334	#endif
332		-
333		- /* no diff required for incoming packets */
334		- *diff = 0;
335	335
336	336	/* Only useful for established sessions */
337	337	if (cp->state != IP_VS_TCP_S_ESTABLISHED)