netfilter: nft_set_pipapo: don't return bogus extension pointer

[ Upstream commit c8a7c2c608180f3b4e51dc958b3861242dcdd76d ]

Dan Carpenter says:
Commit 17a20e09f086 ("netfilter: nft_set: remove one argument from
lookup and update functions") [..] leads to the following Smatch
static checker warning:

 net/netfilter/nft_set_pipapo_avx2.c:1269 nft_pipapo_avx2_lookup()
 error: uninitialized symbol 'ext'.

Fix this by initing ext to NULL and set it only once we've found
a match.

Fixes: 17a20e09f086 ("netfilter: nft_set: remove one argument from lookup and update functions")
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lore.kernel.org/netfilter-devel/aJBzc3V5wk-yPOnH@stanley.mountain/
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Stable-dep-of: c4eaca2e1052 ("netfilter: nft_set_pipapo: don't check genbit from packetpath lookups")
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/netfilter/nft_set_pipapo_avx2.c b/net/netfilter/nft_set_pipapo_avx2.c
index 6c441e2dc8af391a6ecf1e043676819b78e417e0..2155c7f345c21a3be0e32b48fc6c5dd14d0141f9 100644 (file)
--- a/net/netfilter/nft_set_pipapo_avx2.c
+++ b/net/netfilter/nft_set_pipapo_avx2.c
@@ -1151,12 +1151,12 @@ nft_pipapo_avx2_lookup(const struct net *net, const struct nft_set *set,
                       const u32 *key)
 {
        struct nft_pipapo *priv = nft_set_priv(set);
+       const struct nft_set_ext *ext = NULL;
        struct nft_pipapo_scratch *scratch;
        u8 genmask = nft_genmask_cur(net);
        const struct nft_pipapo_match *m;
        const struct nft_pipapo_field *f;
        const u8 *rp = (const u8 *)key;
-       const struct nft_set_ext *ext;
        unsigned long *res, *fill;
        bool map_index;
        int i;
@@ -1247,13 +1247,13 @@ next_match:
                        goto out;
 
                if (last) {
-                       ext = &f->mt[ret].e->ext;
-                       if (unlikely(nft_set_elem_expired(ext) ||
-                                    !nft_set_elem_active(ext, genmask))) {
-                               ext = NULL;
+                       const struct nft_set_ext *e = &f->mt[ret].e->ext;
+
+                       if (unlikely(nft_set_elem_expired(e) ||
+                                    !nft_set_elem_active(e, genmask)))
                                goto next_match;
-                       }
 
+                       ext = e;
                        goto out;
                }