can: j1935: j1939_tp_tx_dat_new(): fix missing initialization of skbcnt

[ Upstream commit e009f95b1543e26606dca2f7e6e9f0f9174538e5 ]

This fixes an uninit-value warning:
BUG: KMSAN: uninit-value in can_receive+0x26b/0x630 net/can/af_can.c:650

Reported-and-tested-by: syzbot+3f3837e61a48d32b495f@syzkaller.appspotmail.com
Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol")
Cc: Robin van der Gracht <robin@protonic.nl>
Cc: Oleksij Rempel <linux@rempel-privat.de>
Cc: Pengutronix Kernel Team <kernel@pengutronix.de>
Cc: Oliver Hartkopp <socketcan@hartkopp.net>
Cc: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Link: https://lore.kernel.org/r/20201008061821.24663-1-xiyou.wangcong@gmail.com
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c
index a8dd956b5e8e1cb66e4d3be1669d8d9bd7e111fd..28c2928e3931ab8a7ccb0920b3bf2ee70fe55132 100644 (file)
--- a/net/can/j1939/transport.c
+++ b/net/can/j1939/transport.c
@@ -580,6 +580,7 @@ sk_buff *j1939_tp_tx_dat_new(struct j1939_priv *priv,
        skb->dev = priv->ndev;
        can_skb_reserve(skb);
        can_skb_prv(skb)->ifindex = priv->ndev->ifindex;
+       can_skb_prv(skb)->skbcnt = 0;
        /* reserve CAN header */
        skb_reserve(skb, offsetof(struct can_frame, data));