net: always initialize pagedlen

In ip packet generation, pagedlen is initialized for each skb at the
start of the loop in __ip(6)_append_data, before label alloc_new_skb.

Depending on compiler options, code can be generated that jumps to
this label, triggering use of an an uninitialized variable.

In practice, at -O2, the generated code moves the initialization below
the label. But the code should not rely on that for correctness.

Fixes: 15e36f5b8e98 ("udp: paged allocation with gso")
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 files changed, 2 insertions, 1 deletions

diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index c09219e7f230..5dbec21856f4 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -939,7 +939,7 @@ static int __ip_append_data(struct sock *sk,
                         unsigned int fraglen;
                         unsigned int fraggap;
                         unsigned int alloclen;
-                        unsigned int pagedlen = 0;
+                        unsigned int pagedlen;
                         struct sk_buff *skb_prev;
 alloc_new_skb:
                         skb_prev = skb;
@@ -956,6 +956,7 @@ alloc_new_skb:
                         if (datalen > mtu - fragheaderlen)
                                 datalen = maxfraglen - fragheaderlen;
                         fraglen = datalen + fragheaderlen;
+                        pagedlen = 0;
 
                         if ((flags & MSG_MORE) &&
                             !(rt->dst.dev->features&NETIF_F_SG))