| Message ID | c2b96b3751ccf64357d2c6f0e7d23908dda8a601.1588157274.git.pabeni@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | [net] mptcp: fix uninitialized value access | expand |
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index f412e886aa9b..2fa319a36ea5 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -522,7 +522,7 @@ static struct sock *subflow_syn_recv_sock(const struct sock *sk, /* check for expected invariant - should never trigger, just help * catching eariler subtle bugs */ - WARN_ON_ONCE(*own_req && child && tcp_sk(child)->is_mptcp && + WARN_ON_ONCE(child && *own_req && tcp_sk(child)->is_mptcp && (!mptcp_subflow_ctx(child) || !mptcp_subflow_ctx(child)->conn)); return child;
tcp_v{4,6}_syn_recv_sock() set 'own_req' only when returning a not NULL 'child', let's check 'own_req' only if child is available to avoid an - unharmful - UBSAN splat. Fixes: 20882e2cb904 ("mptcp: avoid flipping mp_capable field in syn_recv_sock()") Signed-off-by: Paolo Abeni <pabeni@redhat.com> --- net/mptcp/subflow.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)