mptcp: fix uninitialized value access

tcp_v{4,6}_syn_recv_sock() set 'own_req' only when returning
a not NULL 'child', let's check 'own_req' only if child is
available to avoid an - unharmful - UBSAN splat.

v1 -> v2:
 - reference the correct hash

Fixes: 4c8941de781c ("mptcp: avoid flipping mp_capable field in syn_recv_sock()")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index bad9985297671c3f901f1560b8bbb155df62df77..67a4e35d48384ee0fd54b3d9cafe0a0bf25e034a 100644 (file)
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -523,7 +523,7 @@ out:
        /* check for expected invariant - should never trigger, just help
         * catching eariler subtle bugs
         */
-       WARN_ON_ONCE(*own_req && child && tcp_sk(child)->is_mptcp &&
+       WARN_ON_ONCE(child && *own_req && tcp_sk(child)->is_mptcp &&
                     (!mptcp_subflow_ctx(child) ||
                      !mptcp_subflow_ctx(child)->conn));
        return child;