[PATCH] kernel: xt_FLOWOFFLOAD: fix use of uninitialized dir variable
Rosen Penev
rosenp at gmail.com
Tue Mar 12 23:18:23 PDT 2024
On Tue, Mar 12, 2024 at 8:51 PM Qingfang Deng <dqfext at gmail.com> wrote:
>
> From: Qingfang Deng <qingfang.deng at siflower.com.cn>
>
> The dir variable has been used uninitialized since the port to 5.10, and
> somehow this remains undetected by GCC.
This patch looks like it's for iptables. Is it needed anymore?
>
> Fixes: b10d6044599d ("kernel: add linux 5.10 support")
> Signed-off-by: Qingfang Deng <qingfang.deng at siflower.com.cn>
> ---
> .../hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch | 4 ++--
> .../hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch | 4 ++--
> .../hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch | 4 ++--
> 3 files changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch b/target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> index da60334498..ec887539d5 100644
> --- a/target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> +++ b/target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> @@ -609,6 +609,8 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
> + if (!nf_ct_is_confirmed(ct))
> + return XT_CONTINUE;
> +
> ++ dir = CTINFO2DIR(ctinfo);
> ++
> + devs[dir] = xt_out(par);
> + devs[!dir] = xt_in(par);
> +
> @@ -618,8 +620,6 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
> + if (test_and_set_bit(IPS_OFFLOAD_BIT, &ct->status))
> + return XT_CONTINUE;
> +
> -+ dir = CTINFO2DIR(ctinfo);
> -+
> + if (xt_flowoffload_route(skb, ct, par, &route, dir, devs) < 0)
> + goto err_flow_route;
> +
> diff --git a/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch b/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> index aee845d984..6fdfc79207 100644
> --- a/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> +++ b/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> @@ -555,6 +555,8 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
> + if (!nf_ct_is_confirmed(ct))
> + return XT_CONTINUE;
> +
> ++ dir = CTINFO2DIR(ctinfo);
> ++
> + devs[dir] = xt_out(par);
> + devs[!dir] = xt_in(par);
> +
> @@ -564,8 +566,6 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
> + if (test_and_set_bit(IPS_OFFLOAD_BIT, &ct->status))
> + return XT_CONTINUE;
> +
> -+ dir = CTINFO2DIR(ctinfo);
> -+
> + if (xt_flowoffload_route(skb, ct, par, &route, dir, devs) < 0)
> + goto err_flow_route;
> +
> diff --git a/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch b/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> index b9a87a671e..9735983212 100644
> --- a/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> +++ b/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
> @@ -555,6 +555,8 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
> + if (!nf_ct_is_confirmed(ct))
> + return XT_CONTINUE;
> +
> ++ dir = CTINFO2DIR(ctinfo);
> ++
> + devs[dir] = xt_out(par);
> + devs[!dir] = xt_in(par);
> +
> @@ -564,8 +566,6 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
> + if (test_and_set_bit(IPS_OFFLOAD_BIT, &ct->status))
> + return XT_CONTINUE;
> +
> -+ dir = CTINFO2DIR(ctinfo);
> -+
> + if (xt_flowoffload_route(skb, ct, par, &route, dir, devs) < 0)
> + goto err_flow_route;
> +
> --
> 2.34.1
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list