From: Dan Carpenter Date: Fri, 25 Jan 2013 15:44:57 +0000 (+0300) Subject: ipvs: freeing uninitialized pointer on error X-Git-Tag: MMI-PSA29.97-13-9~15060^2~11^2~4 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=b425df4cdd953a400d814b4474c9d3ec04481858;p=GitHub%2FMotorolaMobilityLLC%2Fkernel-slsi.git ipvs: freeing uninitialized pointer on error If state != IP_VS_STATE_BACKUP then tinfo->buf is uninitialized. If kthread_run() fails then it means we free random memory resulting in an oops. Signed-off-by: Dan Carpenter Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index effa10c9e4e3..44fd10c539ac 100644 --- a/net/netfilter/ipvs/ip_vs_sync.c +++ b/net/netfilter/ipvs/ip_vs_sync.c @@ -1795,6 +1795,8 @@ int start_sync_thread(struct net *net, int state, char *mcast_ifn, __u8 syncid) GFP_KERNEL); if (!tinfo->buf) goto outtinfo; + } else { + tinfo->buf = NULL; } tinfo->id = id;