ipvs: uninitialized data with IP_VS_IPV6

The app_tcp_pkt_out() function expects "*diff" to be set and ends up
using uninitialized data if CONFIG_IP_VS_IPV6 is turned on.

The same issue is there in app_tcp_pkt_in().  Thanks to Julian Anastasov
for noticing that.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>

1 files changed, 5 insertions, 5 deletions

diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c
index 1d5341f3761d..5d3daae98bf0 100644
--- a/net/netfilter/ipvs/ip_vs_ftp.c
+++ b/net/netfilter/ipvs/ip_vs_ftp.c
@@ -183,6 +183,8 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp,
         struct nf_conn *ct;
         struct net *net;
 
+        *diff = 0;
+
 #ifdef CONFIG_IP_VS_IPV6
         /* This application helper doesn't work with IPv6 yet,
          * so turn this into a no-op for IPv6 packets
@@ -191,8 +193,6 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp,
                 return 1;
 #endif
 
-        *diff = 0;
-
         /* Only useful for established sessions */
         if (cp->state != IP_VS_TCP_S_ESTABLISHED)
                 return 1;
@@ -322,6 +322,9 @@ static int ip_vs_ftp_in(struct ip_vs_app *app, struct ip_vs_conn *cp,
         struct ip_vs_conn *n_cp;
         struct net *net;
 
+        /* no diff required for incoming packets */
+        *diff = 0;
+
 #ifdef CONFIG_IP_VS_IPV6
         /* This application helper doesn't work with IPv6 yet,
          * so turn this into a no-op for IPv6 packets
@@ -330,9 +333,6 @@ static int ip_vs_ftp_in(struct ip_vs_app *app, struct ip_vs_conn *cp,
                 return 1;
 #endif
 
-        /* no diff required for incoming packets */
-        *diff = 0;
-
         /* Only useful for established sessions */
         if (cp->state != IP_VS_TCP_S_ESTABLISHED)
                 return 1;