--- /dev/null
+From bd78980be1a68d14524c51c4b4170782fada622b Mon Sep 17 00:00:00 2001
+From: Phillip Potter <phil@philpotter.co.uk>
+Date: Thu, 1 Apr 2021 23:36:07 +0100
+Subject: net: usb: ax88179_178a: initialize local variables before use
+
+From: Phillip Potter <phil@philpotter.co.uk>
+
+commit bd78980be1a68d14524c51c4b4170782fada622b upstream.
+
+Use memset to initialize local array in drivers/net/usb/ax88179_178a.c, and
+also set a local u16 and u32 variable to 0. Fixes a KMSAN found uninit-value bug
+reported by syzbot at:
+https://syzkaller.appspot.com/bug?id=00371c73c72f72487c1d0bfe0cc9d00de339d5aa
+
+Reported-by: syzbot+4993e4a0e237f1b53747@syzkaller.appspotmail.com
+Signed-off-by: Phillip Potter <phil@philpotter.co.uk>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/usb/ax88179_178a.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/drivers/net/usb/ax88179_178a.c
++++ b/drivers/net/usb/ax88179_178a.c
+@@ -296,12 +296,12 @@ static int ax88179_read_cmd(struct usbne
+ int ret;
+
+ if (2 == size) {
+- u16 buf;
++ u16 buf = 0;
+ ret = __ax88179_read_cmd(dev, cmd, value, index, size, &buf, 0);
+ le16_to_cpus(&buf);
+ *((u16 *)data) = buf;
+ } else if (4 == size) {
+- u32 buf;
++ u32 buf = 0;
+ ret = __ax88179_read_cmd(dev, cmd, value, index, size, &buf, 0);
+ le32_to_cpus(&buf);
+ *((u32 *)data) = buf;
+@@ -1296,6 +1296,8 @@ static void ax88179_get_mac_addr(struct
+ {
+ u8 mac[ETH_ALEN];
+
++ memset(mac, 0, sizeof(mac));
++
+ /* Maybe the boot loader passed the MAC address via device tree */
+ if (!eth_platform_get_mac_address(&dev->udev->dev, mac)) {
+ netif_dbg(dev, ifup, dev->net,
projects / thirdparty / kernel / stable-queue.git / commitdiff
