Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755937AbcJUQbY (ORCPT <rfc822;w@1wt.eu>);
        Fri, 21 Oct 2016 12:31:24 -0400
Received: from mail-wm0-f67.google.com ([74.125.82.67]:33771 "EHLO
        mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752432AbcJUQbV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 21 Oct 2016 12:31:21 -0400
Date: Fri, 21 Oct 2016 18:31:18 +0200
From: Jiri Pirko <jiri@resnulli.us>
To: Arnd Bergmann <arnd@arndb.de>
Cc: "David S. Miller" <davem@davemloft.net>,
        Alexander Duyck <aduyck@mirantis.com>,
        Tom Herbert <tom@herbertland.com>, Jiri Pirko <jiri@mellanox.com>,
        Hadar Hen Zion <hadarh@mellanox.com>,
        Gao Feng <fgao@48lvckh6395k16k5.yundunddos.com>,
        Eric Garver <e@erig.me>, Amir Vadai <amir@vadai.me>,
        netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] flow_dissector: avoid uninitialized variable access
Message-ID: <20161021163118.GA2155@nanopsycho.orion>
References: <20161021155626.4020344-1-arnd@arndb.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20161021155626.4020344-1-arnd@arndb.de>
User-Agent: Mutt/1.7.0 (2016-08-17)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1759
Lines: 51

Fri, Oct 21, 2016 at 05:55:53PM CEST, arnd@arndb.de wrote:
>gcc warns about an uninitialized pointer dereference in the vlan
>priority handling:
>
>net/core/flow_dissector.c: In function '__skb_flow_dissect':
>net/core/flow_dissector.c:281:61: error: 'vlan' may be used uninitialized in this function [-Werror=maybe-uninitialized]
>
>From all I can tell, this warning is about a real bug, and we
>should not attempt look up the vlan header if there was
>no vlan tag.

I don't see how vlan could be used uninitialized. But I understand that
this is impossible for gcc to track it. Please just use uninitialized_var()



>
>Fixes: f6a66927692e ("flow_dissector: Get vlan priority in addition to vlan id")
>Signed-off-by: Arnd Bergmann <arnd@arndb.de>
>---
>I'm not sure about this one, please have a closer look at what
>the original code does before applying.
>---
> net/core/flow_dissector.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
>diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
>index 44e6ba9d3a6b..dd6003bf27e1 100644
>--- a/net/core/flow_dissector.c
>+++ b/net/core/flow_dissector.c
>@@ -245,7 +245,7 @@ bool __skb_flow_dissect(const struct sk_buff *skb,
> 	}
> 	case htons(ETH_P_8021AD):
> 	case htons(ETH_P_8021Q): {
>-		const struct vlan_hdr *vlan;
>+		const struct vlan_hdr *vlan = NULL;
> 
> 		if (skb && skb_vlan_tag_present(skb))
> 			proto = skb->protocol;
>@@ -264,7 +264,7 @@ bool __skb_flow_dissect(const struct sk_buff *skb,
> 		}
> 
> 		skip_vlan = true;
>-		if (dissector_uses_key(flow_dissector,
>+		if (vlan && dissector_uses_key(flow_dissector,
> 				       FLOW_DISSECTOR_KEY_VLAN)) {
> 			key_vlan = skb_flow_dissector_target(flow_dissector,
> 							     FLOW_DISSECTOR_KEY_VLAN,
>-- 
>2.9.0
>