From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Mon, 24 May 2021 12:03:02 +0000 (-0400)
Subject: decode/vxlan: Delay var init until needed
X-Git-Tag: suricata-7.0.0-beta1~1595
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=61fa748e9d7c3092d3dda96db6da2f70f2db6b20;p=thirdparty%2Fsuricata.git

decode/vxlan: Delay var init until needed

This commit modifies the var initialization slightly until after
integrity checks have been performed.
---

diff --git a/src/decode-vxlan.c b/src/decode-vxlan.c
index e08a4873c0..6a7322993e 100644
--- a/src/decode-vxlan.c
+++ b/src/decode-vxlan.c
@@ -126,10 +126,7 @@ void DecodeVXLANConfig(void)
 int DecodeVXLAN(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
         const uint8_t *pkt, uint32_t len)
 {
-    EthernetHdr *ethh = (EthernetHdr *)(pkt + VXLAN_HEADER_LEN);
-
-    uint16_t eth_type;
-    int decode_tunnel_proto = DECODE_TUNNEL_UNSET;
+    DEBUG_VALIDATE_BUG_ON(pkt == NULL);
 
     /* Initial packet validation */
     if (unlikely(!g_vxlan_enabled))
@@ -153,8 +150,11 @@ int DecodeVXLAN(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
     /* Increment stats counter for VXLAN packets */
     StatsIncr(tv, dtv->counter_vxlan);
 
+    EthernetHdr *ethh = (EthernetHdr *)(pkt + VXLAN_HEADER_LEN);
+    int decode_tunnel_proto = DECODE_TUNNEL_UNSET;
+
     /* Look at encapsulated Ethernet frame to get next protocol  */
-    eth_type = SCNtohs(ethh->eth_type);
+    uint16_t eth_type = SCNtohs(ethh->eth_type);
     SCLogDebug("VXLAN ethertype 0x%04x", eth_type);
 
     switch (eth_type) {