From: Al Viro Date: Fri, 2 Sep 2005 19:18:03 +0000 (-0700) Subject: [ATM]: Fix dereference of uninitialized pointer in zatm X-Git-Tag: firefly_0821_release~41931^2 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=d70063c4634af060a5387337b7632f6334ca3458;p=firefly-linux-kernel-4.4.55.git [ATM]: Fix dereference of uninitialized pointer in zatm Fixing breakage from [NET]: Kill skb->list - original was assign vcc do a bunch of stuff using ZATM_VCC(vcc)->pool as common subexpression Now we do int pos = ZATM_VCC(vcc)->pool; assign vcc do a bunch of stuff even though vcc is not even initialized when we enter that block... Signed-off-by: Al Viro Signed-off-by: David S. Miller --- diff --git a/drivers/atm/zatm.c b/drivers/atm/zatm.c index c4b75ecf9460..55959e4d1cb7 100644 --- a/drivers/atm/zatm.c +++ b/drivers/atm/zatm.c @@ -417,9 +417,9 @@ printk("dummy: 0x%08lx, 0x%08lx\n",dummy[0],dummy[1]); chan = (here[3] & uPD98401_AAL5_CHAN) >> uPD98401_AAL5_CHAN_SHIFT; if (chan < zatm_dev->chans && zatm_dev->rx_map[chan]) { - int pos = ZATM_VCC(vcc)->pool; - + int pos; vcc = zatm_dev->rx_map[chan]; + pos = ZATM_VCC(vcc)->pool; if (skb == zatm_dev->last_free[pos]) zatm_dev->last_free[pos] = NULL; skb_unlink(skb, zatm_dev->pool + pos);