We need to initialize all, but the struct j1939_sock::sk. Otherwise the stack will explode in various colors (at our graphics teams used to say). Add missing memset.
Signed-off-by: Oleksij Rempel <o.rempel@xxxxxxxxxxxxxx>
---
 net/can/j1939/j1939-priv.h | 2 +-
 net/can/j1939/socket.c | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/net/can/j1939/j1939-priv.h b/net/can/j1939/j1939-priv.h
index 8fb41fa289ba..e3d1793197fb 100644
--- a/net/can/j1939/j1939-priv.h
+++ b/net/can/j1939/j1939-priv.h
@@ -285,8 +285,8 @@ struct j1939_session {
 };
 struct j1939_sock {
- struct j1939_priv *priv;
 struct sock sk; /* must be first to skip with memset */
+ struct j1939_priv *priv;
 struct list_head list;
 #define J1939_SOCK_BOUND BIT(0)
diff --git a/net/can/j1939/socket.c b/net/can/j1939/socket.c
index e6a77badcf73..f2d4dea5b158 100644
--- a/net/can/j1939/socket.c
+++ b/net/can/j1939/socket.c
@@ -353,6 +353,12 @@ static int j1939_sk_init(struct sock *sk)
 {
 struct j1939_sock *jsk = j1939_sk(sk);
+ /* Ensure that "sk" is first member in "struct j1939_sock", so that we
+ * can skip it during memset().
+ */
+ BUILD_BUG_ON(offsetof(struct j1939_sock, sk) != 0);
+ memset((void *)jsk + sizeof(jsk->sk), 0x0, sizeof(*jsk) - sizeof(jsk->sk));
+
 INIT_LIST_HEAD(&jsk->list);
 init_waitqueue_head(&jsk->waitq);
 jsk->sk.sk_priority = j1939_to_sk_priority(6);
--
2.20.1
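Review bot: The comment kept on `struct sock sk;` names memset as the only reason for the member order, which undersells the constraint now that `sk` really is first. The socket core hands a protocol a `struct sock *` that points at the start of the allocated object, so if j1939_sk() (not shown here, presumably a container_of or cast) is applied to a struct that does not begin with `sk`, the private fields would resolve outside or misaligned with the allocation. Suggest rewording to `/* must be first: the allocation starts at sk, and j1939_sk_init() skips it in memset */`. The struct definition continues past the end of the hunk.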
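Review bot: The added comment in j1939_sk_init() explains how `sk` is skipped but not why the rest of `struct j1939_sock` needs clearing here. sk_alloc() normally returns a zeroed object, so a reader cannot tell whether this memset is required or only defensive. If the socket is allocated another way, or the stale fields were really a symptom of the old member order fixed in j1939-priv.h, the comment should say so, for example `/* Private fields after "sk" are not guaranteed zeroed at this point; clear them before first use. */` if that is the intent. The memset line also appears to run past 80 columns and would read better wrapped after `0x0,`. The function body continues outside the hunk.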