net: initialize skb->peeked when cloning

commit b13dda9f9aa7caceeee61c080c2e544d5f5d85e5 upstream. syzbot reported __skb_try_recv_from_queue() was using skb->peeked while it was potentially unitialized. We need to clear it in __skb_clone() Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: syzbot <syzkaller@googlegroups.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Eric Dumazet <edumazet@google.com> 2018-04-07 13:42:39 -0700
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-16 10:10:23 +0200
commit: 5652aed1de29c6e977608effa94ce217f3b959e7 (patch)
tree: 5645d4700d0326ede4b37cd8c790b9c3509792e1 /net
parent: ced9763b911d66ab4da4a9edf2a8d3ce29238af8 (diff)
download: linux-exynos-5652aed1de29c6e977608effa94ce217f3b959e7.tar.gz
linux-exynos-5652aed1de29c6e977608effa94ce217f3b959e7.tar.bz2
linux-exynos-5652aed1de29c6e977608effa94ce217f3b959e7.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 564beb7e6d1c..ef734ad1d852 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -857,6 +857,7 @@ static struct sk_buff *__skb_clone(struct sk_buff *n, struct sk_buff *skb)
 	n->hdr_len = skb->nohdr ? skb_headroom(skb) : skb->hdr_len;
 	n->cloned = 1;
 	n->nohdr = 0;
+	n->peeked = 0;
 	n->destructor = NULL;
 	C(tail);
 	C(end);
author	Eric Dumazet <edumazet@google.com>	2018-04-07 13:42:39 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-05-16 10:10:23 +0200
commit	5652aed1de29c6e977608effa94ce217f3b959e7 (patch)
tree	5645d4700d0326ede4b37cd8c790b9c3509792e1 /net
parent	ced9763b911d66ab4da4a9edf2a8d3ce29238af8 (diff)
download	linux-exynos-5652aed1de29c6e977608effa94ce217f3b959e7.tar.gz linux-exynos-5652aed1de29c6e977608effa94ce217f3b959e7.tar.bz2 linux-exynos-5652aed1de29c6e977608effa94ce217f3b959e7.zip