12173 ip: variable may be used uninitialized in this function
Reviewed by: Dan McDonald <danmcd@joyent.com>
Approved by: Robert Mustacchi <rm@fingolfin.org>
diff --git a/usr/src/uts/common/inet/ilb/ilb.c b/usr/src/uts/common/inet/ilb/ilb.c
index 8ab2a90..91cd671 100644
--- a/usr/src/uts/common/inet/ilb/ilb.c
+++ b/usr/src/uts/common/inet/ilb/ilb.c
@@ -1679,6 +1679,8 @@
uint16_t nat_src_idx;
boolean_t busy;
+ ret = 0;
+
/*
* We don't really need to switch here since both protocols's
* ports are at the same offset. Just prepare for future protocol
diff --git a/usr/src/uts/common/inet/ilb/ilb_conn.c b/usr/src/uts/common/inet/ilb/ilb_conn.c
index 7f79d41..24b0138 100644
--- a/usr/src/uts/common/inet/ilb/ilb_conn.c
+++ b/usr/src/uts/common/inet/ilb/ilb_conn.c
@@ -132,6 +132,9 @@
ilb_conn_t **next, **prev;
ilb_conn_t **next_prev, **prev_next;
+ next_prev = NULL;
+ prev_next = NULL;
+
if (c2s) {
hash = connp->conn_c2s_hash;
ASSERT(MUTEX_HELD(&hash->ilb_conn_hash_lock));
@@ -698,6 +701,7 @@
uint32_t ack, seq;
int32_t seg_len;
+ ack = 0;
if (tcpha->tha_flags & TH_RST)
return (B_FALSE);
@@ -903,6 +907,11 @@
uint32_t adj_ip_sum;
boolean_t full_nat;
+ in_iph4 = NULL;
+ in_iph6 = NULL;
+ icmph4 = NULL;
+ icmph6 = NULL;
+
if (l3 == IPPROTO_IP) {
in6_addr_t in_src, in_dst;
diff --git a/usr/src/uts/common/inet/ip/conn_opt.c b/usr/src/uts/common/inet/ip/conn_opt.c
index bcbc1c4..71ff818 100644
--- a/usr/src/uts/common/inet/ip/conn_opt.c
+++ b/usr/src/uts/common/inet/ip/conn_opt.c
@@ -1189,6 +1189,7 @@
if (connp->conn_family != AF_INET)
return (EINVAL);
+ ifindex = UINT_MAX;
switch (name) {
case IP_TTL:
/* Don't allow zero */
@@ -1509,6 +1510,7 @@
if (connp->conn_family != AF_INET6)
return (EINVAL);
+ ifindex = UINT_MAX;
switch (name) {
case IPV6_MULTICAST_IF:
/*
diff --git a/usr/src/uts/common/inet/ip/icmp.c b/usr/src/uts/common/inet/ip/icmp.c
index 36eb88d..57ee0c5 100644
--- a/usr/src/uts/common/inet/ip/icmp.c
+++ b/usr/src/uts/common/inet/ip/icmp.c
@@ -738,6 +738,11 @@
}
ASSERT(sa != NULL && len != 0);
+ sin = NULL;
+ sin6 = NULL;
+ dstport = 0;
+ flowinfo = 0;
+ v4dst = INADDR_ANY;
/*
* Determine packet type based on type of address passed in
@@ -3475,6 +3480,7 @@
}
} else {
/* Connected case */
+ dstport = connp->conn_fport;
v6dst = connp->conn_faddr_v6;
flowinfo = connp->conn_flowinfo;
}
diff --git a/usr/src/uts/common/inet/ip/igmp.c b/usr/src/uts/common/inet/ip/igmp.c
index 423bb2a..de6a918 100644
--- a/usr/src/uts/common/inet/ip/igmp.c
+++ b/usr/src/uts/common/inet/ip/igmp.c
@@ -310,15 +310,15 @@
mblk_t *
igmp_input(mblk_t *mp, ip_recv_attr_t *ira)
{
- igmpa_t *igmpa;
+ igmpa_t *igmpa;
ipha_t *ipha = (ipha_t *)(mp->b_rptr);
int iphlen, igmplen, mblklen;
- ilm_t *ilm;
+ ilm_t *ilm;
uint32_t src, dst;
- uint32_t group;
+ uint32_t group;
in6_addr_t v6group;
uint_t next;
- ipif_t *ipif;
+ ipif_t *ipif;
ill_t *ill = ira->ira_ill;
ip_stack_t *ipst = ill->ill_ipst;
@@ -778,7 +778,7 @@
ASSERT(RW_WRITE_HELD(&ill->ill_mcast_lock));
if (ilm->ilm_addr == htonl(INADDR_ALLHOSTS_GROUP)) {
- ilm->ilm_rtx.rtx_timer = INFINITY;
+ ilm->ilm_rtx.rtx_timer = timer = INFINITY;
ilm->ilm_state = IGMP_OTHERMEMBER;
} else {
ip1dbg(("Querier mode %d, sending report, group %x\n",
@@ -857,11 +857,10 @@
ill = ilm->ilm_ill;
ASSERT(ill->ill_isv6);
-
ASSERT(RW_WRITE_HELD(&ill->ill_mcast_lock));
if (IN6_ARE_ADDR_EQUAL(&ipv6_all_hosts_mcast, &ilm->ilm_v6addr)) {
- ilm->ilm_rtx.rtx_timer = INFINITY;
+ ilm->ilm_rtx.rtx_timer = timer = INFINITY;
ilm->ilm_state = IGMP_OTHERMEMBER;
} else {
if (ill->ill_mcast_type == MLD_V1_ROUTER) {
@@ -1435,7 +1434,7 @@
uint_t
mld_timeout_handler_per_ill(ill_t *ill)
{
- ilm_t *ilm;
+ ilm_t *ilm;
uint_t next = INFINITY, current;
mrec_t *rp, *rtxrp;
rtx_state_t *rtxp;
@@ -1832,7 +1831,7 @@
ipha_t *ipha;
int hdrlen = sizeof (ipha_t) + RTRALERT_LEN;
size_t size = hdrlen + sizeof (igmpa_t);
- ill_t *ill = ilm->ilm_ill;
+ ill_t *ill = ilm->ilm_ill;
ip_stack_t *ipst = ill->ill_ipst;
ASSERT(RW_LOCK_HELD(&ill->ill_mcast_lock));
@@ -1859,15 +1858,15 @@
ipha->ipha_version_and_hdr_length = (IP_VERSION << 4)
| (IP_SIMPLE_HDR_LENGTH_IN_WORDS + RTRALERT_LEN_IN_WORDS);
- ipha->ipha_type_of_service = 0;
+ ipha->ipha_type_of_service = 0;
ipha->ipha_length = htons(size);
ipha->ipha_ident = 0;
ipha->ipha_fragment_offset_and_flags = 0;
- ipha->ipha_ttl = IGMP_TTL;
- ipha->ipha_protocol = IPPROTO_IGMP;
- ipha->ipha_hdr_checksum = 0;
- ipha->ipha_dst = addr ? addr : igmpa->igmpa_group;
- ipha->ipha_src = INADDR_ANY;
+ ipha->ipha_ttl = IGMP_TTL;
+ ipha->ipha_protocol = IPPROTO_IGMP;
+ ipha->ipha_hdr_checksum = 0;
+ ipha->ipha_dst = addr ? addr : igmpa->igmpa_group;
+ ipha->ipha_src = INADDR_ANY;
ill_mcast_queue(ill, mp);
@@ -2448,7 +2447,7 @@
{
mblk_t *mp;
mld_hdr_t *mldh;
- ip6_t *ip6h;
+ ip6_t *ip6h;
ip6_hbh_t *ip6hbh;
struct ip6_opt_router *ip6router;
size_t size = IPV6_HDR_LEN + sizeof (mld_hdr_t);
diff --git a/usr/src/uts/common/inet/ip/ip.c b/usr/src/uts/common/inet/ip/ip.c
index 5090f88..04b26ed 100644
--- a/usr/src/uts/common/inet/ip/ip.c
+++ b/usr/src/uts/common/inet/ip/ip.c
@@ -2404,6 +2404,7 @@
* its there, and make sure it points to either something
* inside this option, or the end of the option.
*/
+ pointer = IPOPT_EOL;
switch (opt) {
case IPOPT_RR:
case IPOPT_TS:
@@ -6338,6 +6339,9 @@
optfn = ip_opt_delete_group;
break;
default:
+ /* Should not be reached. */
+ fmode = MODE_IS_INCLUDE;
+ optfn = NULL;
ASSERT(0);
}
@@ -6467,6 +6471,9 @@
optfn = ip_opt_delete_group;
break;
default:
+ /* Should not be reached. */
+ optfn = NULL;
+ fmode = 0;
ASSERT(0);
}
@@ -8993,6 +9000,8 @@
ip2dbg(("ip_forward_options\n"));
dst = ipha->ipha_dst;
+ opt = NULL;
+
for (optval = ipoptp_first(&opts, ipha);
optval != IPOPT_EOL;
optval = ipoptp_next(&opts)) {
@@ -9079,6 +9088,7 @@
opt[IPOPT_OFFSET] += IP_ADDR_LEN;
break;
case IPOPT_TS:
+ off = 0;
/* Insert timestamp if there is room */
switch (opt[IPOPT_POS_OV_FLG] & 0x0F) {
case IPOPT_TS_TSONLY:
@@ -9243,6 +9253,7 @@
ip_stack_t *ipst = ill->ill_ipst;
ip2dbg(("ip_input_local_options\n"));
+ opt = NULL;
for (optval = ipoptp_first(&opts, ipha);
optval != IPOPT_EOL;
@@ -9305,6 +9316,7 @@
opt[IPOPT_OFFSET] += IP_ADDR_LEN;
break;
case IPOPT_TS:
+ off = 0;
/* Insert timestamp if there is romm */
switch (opt[IPOPT_POS_OV_FLG] & 0x0F) {
case IPOPT_TS_TSONLY:
@@ -9398,6 +9410,7 @@
ire_t *ire;
ip2dbg(("ip_input_options\n"));
+ opt = NULL;
*errorp = 0;
for (optval = ipoptp_first(&opts, ipha);
optval != IPOPT_EOL;
@@ -11946,6 +11959,7 @@
ipaddr_t dst;
uint32_t ts;
timestruc_t now;
+ uint32_t off = 0;
for (optval = ipoptp_first(&opts, ipha);
optval != IPOPT_EOL;
@@ -11954,7 +11968,6 @@
optlen = opts.ipoptp_len;
ASSERT((opts.ipoptp_flags & IPOPTP_ERROR) == 0);
switch (optval) {
- uint32_t off;
case IPOPT_SSRR:
case IPOPT_LSRR:
off = opt[IPOPT_OFFSET];
@@ -12601,6 +12614,7 @@
}
ci.ci_ipif = NULL;
+ extract_funcp = NULL;
switch (ipip->ipi_cmd_type) {
case MISC_CMD:
case MSFILT_CMD:
@@ -12777,6 +12791,7 @@
else
connp = NULL;
+ iocp = NULL;
switch (DB_TYPE(mp)) {
case M_IOCTL:
/*
@@ -12987,6 +13002,7 @@
ip2dbg(("ip_output_options\n"));
+ opt = NULL;
dst = ipha->ipha_dst;
for (optval = ipoptp_first(&opts, ipha);
optval != IPOPT_EOL;
diff --git a/usr/src/uts/common/inet/ip/ip6.c b/usr/src/uts/common/inet/ip/ip6.c
index 9c7f6b4..659eda4 100644
--- a/usr/src/uts/common/inet/ip/ip6.c
+++ b/usr/src/uts/common/inet/ip/ip6.c
@@ -2858,7 +2858,7 @@
uint8_t *optptr, uint_t optlen, uint8_t hdr_type, ip_recv_attr_t *ira)
{
uint8_t opt_type;
- uint_t optused;
+ uint_t optused = 0;
int ret = 0;
const char *errtype;
ill_t *ill = ira->ira_ill;
diff --git a/usr/src/uts/common/inet/ip/ip6_ire.c b/usr/src/uts/common/inet/ip/ip6_ire.c
index ad738bc..1145025 100644
--- a/usr/src/uts/common/inet/ip/ip6_ire.c
+++ b/usr/src/uts/common/inet/ip/ip6_ire.c
@@ -687,7 +687,7 @@
const in6_addr_t *gateway, int type, const ill_t *ill, zoneid_t zoneid,
const ts_label_t *tsl, int match_flags)
{
- in6_addr_t gw_addr_v6;
+ in6_addr_t gw_addr_v6 = { 0 };
ill_t *ire_ill = NULL, *dst_ill;
ip_stack_t *ipst = ire->ire_ipst;
diff --git a/usr/src/uts/common/inet/ip/ip6_output.c b/usr/src/uts/common/inet/ip/ip6_output.c
index b023a2f..6c5868d 100644
--- a/usr/src/uts/common/inet/ip/ip6_output.c
+++ b/usr/src/uts/common/inet/ip/ip6_output.c
@@ -1014,7 +1014,7 @@
*/
if (pktlen > ixa->ixa_fragsize ||
(ixaflags & (IXAF_IPSEC_SECURE|IXAF_IPV6_ADD_FRAGHDR))) {
- uint32_t ident;
+ uint32_t ident = 0;
if (ixaflags & IXAF_IPSEC_SECURE)
pktlen += ipsec_out_extra_length(ixa);
diff --git a/usr/src/uts/common/inet/ip/ip_ftable.c b/usr/src/uts/common/inet/ip/ip_ftable.c
index 980436b..408b9d0 100644
--- a/usr/src/uts/common/inet/ip/ip_ftable.c
+++ b/usr/src/uts/common/inet/ip/ip_ftable.c
@@ -76,7 +76,7 @@
(((ire)->ire_type & IRE_DEFAULT) || \
(((ire)->ire_type & IRE_INTERFACE) && ((ire)->ire_addr == 0)))
-#define IP_SRC_MULTIHOMING(isv6, ipst) \
+#define IP_SRC_MULTIHOMING(isv6, ipst) \
(isv6 ? ipst->ips_ipv6_strict_src_multihoming : \
ipst->ips_ip_strict_src_multihoming)
@@ -470,7 +470,7 @@
* routes to this destination, this routine will utilise the
* first route it finds to IP address
* Return values:
- * 0 - FAILURE
+ * 0 - FAILURE
* nonzero - ifindex
*/
uint_t
@@ -807,7 +807,7 @@
ire_t *orig_ire, ip_stack_t *ipst)
{
ire_t *ire, *maybe_ire = NULL;
- uint_t maybe_badcnt;
+ uint_t maybe_badcnt = 0;
uint_t maxwalk;
/* Fold in more bits from the hint/hash */
diff --git a/usr/src/uts/common/inet/ip/ip_if.c b/usr/src/uts/common/inet/ip/ip_if.c
index 31789fb..4704909 100644
--- a/usr/src/uts/common/inet/ip/ip_if.c
+++ b/usr/src/uts/common/inet/ip/ip_if.c
@@ -1477,9 +1477,9 @@
id_ic = (dl_capab_id_t *)(outers + 1);
+ inners = &id_ic->id_subcap;
if (outers->dl_length < sizeof (*id_ic) ||
- (inners = &id_ic->id_subcap,
- inners->dl_length > (outers->dl_length - sizeof (*inners)))) {
+ inners->dl_length > (outers->dl_length - sizeof (*inners))) {
cmn_err(CE_WARN, "ill_capability_id_ack: malformed "
"encapsulated capab type %d too long for mblk",
inners->dl_cap);
@@ -3941,6 +3941,7 @@
phyint_t *phyi_initial;
uint_t ifindex;
+ phyi_initial = NULL;
rw_enter(&ipst->ips_ill_g_lock, RW_READER);
if (index == 0) {
diff --git a/usr/src/uts/common/inet/ip/ip_ndp.c b/usr/src/uts/common/inet/ip/ip_ndp.c
index 69506f7..2cee123 100644
--- a/usr/src/uts/common/inet/ip/ip_ndp.c
+++ b/usr/src/uts/common/inet/ip/ip_ndp.c
@@ -2943,6 +2943,8 @@
ASSERT(ncec->ncec_lladdr != NULL || new_state == ND_INITIAL ||
new_state == ND_INCOMPLETE);
}
+
+ tid = 0;
if (need_stop_timer || (ncec->ncec_flags & NCE_F_STATIC)) {
tid = ncec->ncec_timeout_id;
ncec->ncec_timeout_id = 0;
@@ -4433,6 +4435,7 @@
ASSERT(src != NULL);
ASSERT(IN6_IS_ADDR_UNSPECIFIED(src));
+ src4 = 0;
src6 = *src;
if (is_myaddr) {
src6 = ncec->ncec_addr;
@@ -4641,6 +4644,7 @@
ndp = ill->ill_ipst->ips_ndp4;
*retnce = NULL;
+ state = 0;
ASSERT(MUTEX_HELD(&ndp->ndp_g_lock));
diff --git a/usr/src/uts/common/inet/ip/ip_output.c b/usr/src/uts/common/inet/ip/ip_output.c
index ea69412..d3d04d4 100644
--- a/usr/src/uts/common/inet/ip/ip_output.c
+++ b/usr/src/uts/common/inet/ip/ip_output.c
@@ -1099,7 +1099,7 @@
int, 1);
if (HOOKS4_INTERESTED_LOOPBACK_OUT(ipst)) {
- int error;
+ int error = 0;
DTRACE_PROBE4(ip4__loopback__out__start, ill_t *, NULL,
ill_t *, ill, ipha_t *, ipha, mblk_t *, mp);
@@ -1155,7 +1155,7 @@
}
if (HOOKS4_INTERESTED_LOOPBACK_IN(ipst)) {
- int error;
+ int error = 0;
DTRACE_PROBE4(ip4__loopback__in__start, ill_t *, ill,
ill_t *, NULL, ipha_t *, ipha, mblk_t *, mp);
diff --git a/usr/src/uts/common/inet/ip/ip_rts.c b/usr/src/uts/common/inet/ip/ip_rts.c
index dece7be..5df5ad6 100644
--- a/usr/src/uts/common/inet/ip/ip_rts.c
+++ b/usr/src/uts/common/inet/ip/ip_rts.c
@@ -114,7 +114,7 @@
ip_stack_t *ipst)
{
mblk_t *mp1;
- conn_t *connp, *next_connp;
+ conn_t *connp, *next_connp;
/*
* Since we don't have an ill_t here, RTSQ_DEFAULT must already be
@@ -190,7 +190,7 @@
mblk_t *mp;
rt_msghdr_t *rtm;
int rtm_addrs = (RTA_DST | RTA_NETMASK | RTA_GATEWAY);
- sa_family_t af;
+ sa_family_t af = { 0 };
in6_addr_t gw_addr_v6;
if (ire == NULL)
@@ -199,6 +199,7 @@
ire->ire_ipversion == IPV6_VERSION);
ASSERT(!(ire->ire_type & IRE_IF_CLONE));
+ mp = NULL;
if (ire->ire_flags & RTF_SETSRC)
rtm_addrs |= RTA_SRC;
@@ -306,10 +307,14 @@
ts_label_t *tsl = NULL;
zoneid_t zoneid;
ip_stack_t *ipst;
- ill_t *ill = NULL;
+ ill_t *ill = NULL;
zoneid = connp->conn_zoneid;
ipst = connp->conn_netstack->netstack_ip;
+ net_mask = 0;
+ src_addr = 0;
+ dst_addr = 0;
+ gw_addr = 0;
if (mp->b_cont != NULL && !pullupmsg(mp, -1)) {
freemsg(mp);
@@ -1239,6 +1244,9 @@
ipaddr_t v4setsrc;
rtm = (rt_msghdr_t *)mp->b_rptr;
+ ifaddr = 0;
+ brdaddr = 0;
+ rtm_flags = 0;
/*
* Find the ill used to send packets. This will be NULL in case
@@ -1406,7 +1414,7 @@
ill_t *ill;
ifrt_t *ifrt;
mblk_t *mp;
- in6_addr_t gw_addr_v6;
+ in6_addr_t gw_addr_v6 = { 0 };
/* Need to add back some metrics to the IRE? */
/*
@@ -1422,6 +1430,7 @@
* <net/route.h> says: rmx_rtt and rmx_rttvar are stored as
* microseconds.
*/
+ rtt = 0;
if (which & RTV_RTT)
rtt = metrics->rmx_rtt / 1000;
if (which & RTV_RTTVAR)
diff --git a/usr/src/uts/common/inet/ip/ipclassifier.c b/usr/src/uts/common/inet/ip/ipclassifier.c
index a59a920..09cafcb 100644
--- a/usr/src/uts/common/inet/ip/ipclassifier.c
+++ b/usr/src/uts/common/inet/ip/ipclassifier.c
@@ -612,6 +612,7 @@
break;
default:
+ conn_cache = NULL;
connp = NULL;
ASSERT(0);
}
diff --git a/usr/src/uts/common/inet/ip/ipmp.c b/usr/src/uts/common/inet/ip/ipmp.c
index 912b489..3106b6e 100644
--- a/usr/src/uts/common/inet/ip/ipmp.c
+++ b/usr/src/uts/common/inet/ip/ipmp.c
@@ -1909,6 +1909,7 @@
ASSERT(IAM_WRITER_IPSQ(ipsq));
ASSERT(phyi->phyint_illv4 != NULL || phyi->phyint_illv6 != NULL);
+ ill = NULL;
/*
* Send routing socket messages indicating that the phyint's ills
diff --git a/usr/src/uts/common/inet/ip/spd.c b/usr/src/uts/common/inet/ip/spd.c
index d703170..85f06f3 100644
--- a/usr/src/uts/common/inet/ip/spd.c
+++ b/usr/src/uts/common/inet/ip/spd.c
@@ -163,7 +163,7 @@
* Inbound traffic should have matching identities for both SA's.
*/
-#define SA_IDS_MATCH(sa1, sa2) \
+#define SA_IDS_MATCH(sa1, sa2) \
(((sa1) == NULL) || ((sa2) == NULL) || \
(((sa1)->ipsa_src_cid == (sa2)->ipsa_src_cid) && \
(((sa1)->ipsa_dst_cid == (sa2)->ipsa_dst_cid))))
@@ -3178,6 +3178,7 @@
* TODO: should canonicalize a[] (i.e., zeroize any padding)
* so we can use a non-trivial policy_hash function.
*/
+ ap = NULL;
for (i = n-1; i >= 0; i--) {
hval = policy_hash(IPSEC_ACTION_HASH_SIZE, &a[i], &a[n]);
@@ -6282,6 +6283,9 @@
#ifdef FRAGCACHE_DEBUG
cmn_err(CE_WARN, "Fragcache: %s\n", inbound ? "INBOUND" : "OUTBOUND");
#endif
+ v6_proto = 0;
+ fraghdr = NULL;
+
/*
* You're on the slow path, so insure that every packet in the
* cache is a single-mblk one.
diff --git a/usr/src/uts/common/inet/ip/tnet.c b/usr/src/uts/common/inet/ip/tnet.c
index e8c7b0c..37a7402 100644
--- a/usr/src/uts/common/inet/ip/tnet.c
+++ b/usr/src/uts/common/inet/ip/tnet.c
@@ -692,7 +692,7 @@
const void *src;
const ip6_t *ip6h;
cred_t *credp;
- int proto;
+ int proto;
ASSERT(DB_TYPE(mp) == M_DATA);
@@ -1477,6 +1477,9 @@
*/
af = (ire->ire_ipversion == IPV4_VERSION) ? AF_INET : AF_INET6;
+ ipha = NULL;
+ ip6h = NULL;
+ gw_rhtp = NULL;
if (IPH_HDR_VERSION(mp->b_rptr) == IPV4_VERSION) {
ASSERT(ire->ire_ipversion == IPV4_VERSION);
diff --git a/usr/src/uts/common/inet/sctp/sctp_asconf.c b/usr/src/uts/common/inet/sctp/sctp_asconf.c
index f5edd19..db770df 100644
--- a/usr/src/uts/common/inet/sctp/sctp_asconf.c
+++ b/usr/src/uts/common/inet/sctp/sctp_asconf.c
@@ -47,7 +47,7 @@
typedef struct sctp_asconf_s {
mblk_t *head;
- uint32_t cid;
+ uint32_t cid;
} sctp_asconf_t;
/*
@@ -636,6 +636,12 @@
ASSERT(ch->sch_id == CHUNK_ASCONF_ACK);
+ ainfo = NULL;
+ alist = NULL;
+ dlist = NULL;
+ aptr = NULL;
+ dptr = NULL;
+
snp = (uint32_t *)(ch + 1);
rlen = ntohs(ch->sch_len) - sizeof (*ch) - sizeof (*snp);
if (rlen < 0) {
@@ -915,9 +921,9 @@
{
#define SCTP_SET_SENT_FLAG(mp) ((mp)->b_flag = SCTP_CHUNK_FLAG_SENT)
- mblk_t *mp;
+ mblk_t *mp;
mblk_t *ipmp;
- uint32_t *snp;
+ uint32_t *snp;
sctp_parm_hdr_t *ph;
boolean_t isv4;
sctp_stack_t *sctps = sctp->sctp_sctps;
@@ -1467,6 +1473,7 @@
* If deleting:
* o Must be part of the association
*/
+ sin6 = NULL;
for (i = 0; i < cnt; i++) {
switch (connp->conn_family) {
case AF_INET:
diff --git a/usr/src/uts/common/inet/sctp/sctp_common.c b/usr/src/uts/common/inet/sctp/sctp_common.c
index ef60f6d..a640ead 100644
--- a/usr/src/uts/common/inet/sctp/sctp_common.c
+++ b/usr/src/uts/common/inet/sctp/sctp_common.c
@@ -804,6 +804,8 @@
{
sctp_faddr_t *fpp;
+ fpp = NULL;
+
if (!sctp->sctp_faddrs) {
return;
}
diff --git a/usr/src/uts/common/inet/sctp/sctp_cookie.c b/usr/src/uts/common/inet/sctp/sctp_cookie.c
index 53c3518..da86faa 100644
--- a/usr/src/uts/common/inet/sctp/sctp_cookie.c
+++ b/usr/src/uts/common/inet/sctp/sctp_cookie.c
@@ -427,10 +427,10 @@
/*
* Copy the peer's original source address into addr. This relies on the
* following format (see sctp_send_initack() below):
- * relative timestamp for the cookie (int64_t) +
- * cookie lifetime (uint32_t) +
- * local tie-tag (uint32_t) + peer tie-tag (uint32_t) +
- * Peer's original src ...
+ * relative timestamp for the cookie (int64_t) +
+ * cookie lifetime (uint32_t) +
+ * local tie-tag (uint32_t) + peer tie-tag (uint32_t) +
+ * Peer's original src ...
*/
int
cl_sctp_cookie_paddr(sctp_chunk_hdr_t *ch, in6_addr_t *addr)
@@ -454,7 +454,7 @@
sizeof (int64_t) + /* timestamp */ \
sizeof (uint32_t) + /* cookie lifetime */ \
sizeof (sctp_init_chunk_t) + /* INIT ACK */ \
- sizeof (in6_addr_t) + /* peer's original source */ \
+ sizeof (in6_addr_t) + /* peer's original source */ \
ntohs((initcp)->sch_len) + /* peer's INIT */ \
sizeof (uint32_t) + /* local tie-tag */ \
sizeof (uint32_t) + /* peer tie-tag */ \
@@ -946,6 +946,8 @@
uint16_t old_num_str;
sctp_stack_t *sctps = sctp->sctp_sctps;
+ sdc = NULL;
+ seglen = 0;
iack = (sctp_init_chunk_t *)(iackch + 1);
cph = NULL;
diff --git a/usr/src/uts/common/inet/sctp/sctp_input.c b/usr/src/uts/common/inet/sctp/sctp_input.c
index 1b6449c..7d856fa 100644
--- a/usr/src/uts/common/inet/sctp/sctp_input.c
+++ b/usr/src/uts/common/inet/sctp/sctp_input.c
@@ -831,7 +831,7 @@
* there is a break in the sequence. We want
* to chop the reassembly list as follows (the
* numbers are TSNs):
- * 10 -> 11 -> (end of chunks)
+ * 10 -> 11 -> (end of chunks)
* 10 -> 11 -> | 13 (break in sequence)
*/
prev = mp;
@@ -943,6 +943,7 @@
uint32_t tsn;
uint16_t fraglen = 0;
+ reassq_curr = NULL;
*error = 0;
/*
diff --git a/usr/src/uts/common/inet/sctp/sctp_opt_data.c b/usr/src/uts/common/inet/sctp/sctp_opt_data.c
index 23abecc..476a6d9 100644
--- a/usr/src/uts/common/inet/sctp/sctp_opt_data.c
+++ b/usr/src/uts/common/inet/sctp/sctp_opt_data.c
@@ -1057,7 +1057,10 @@
/* In all cases, the size of the option must be bigger than int */
if (inlen >= sizeof (int32_t)) {
onoff = ONOFF(*i1);
+ } else {
+ return (EINVAL);
}
+
retval = 0;
RUN_SCTP(sctp);
diff --git a/usr/src/uts/common/inet/sctp/sctp_output.c b/usr/src/uts/common/inet/sctp/sctp_output.c
index eced6ec..0564f5a 100644
--- a/usr/src/uts/common/inet/sctp/sctp_output.c
+++ b/usr/src/uts/common/inet/sctp/sctp_output.c
@@ -990,8 +990,8 @@
mblk_t *head;
mblk_t *meta = sctp->sctp_xmit_tail;
mblk_t *fill = NULL;
- uint16_t chunklen;
- uint32_t cansend;
+ uint16_t chunklen;
+ uint32_t cansend;
int32_t seglen;
int32_t xtralen;
int32_t sacklen;
@@ -1007,6 +1007,8 @@
sctp_stack_t *sctps = sctp->sctp_sctps;
uint32_t tsn;
+ lfp = NULL;
+
if (sctp->sctp_ftsn == sctp->sctp_lastacked + 1) {
sacklen = 0;
} else {
@@ -1651,7 +1653,7 @@
* - the chunk is unsent, i.e. new data.
*/
#define SCTP_CHUNK_RX_CANBUNDLE(mp, fp) \
- (!SCTP_CHUNK_ABANDONED((mp)) && \
+ (!SCTP_CHUNK_ABANDONED((mp)) && \
((SCTP_CHUNK_ISSENT((mp)) && (SCTP_CHUNK_DEST(mp) == (fp) && \
!SCTP_CHUNK_ISACKED(mp))) || \
(((mp)->b_flag & (SCTP_CHUNK_FLAG_REXMIT|SCTP_CHUNK_FLAG_SENT)) != \
@@ -1694,7 +1696,7 @@
*
* if the advanced peer ack point includes the next
* chunk to be retransmited - possibly the Forward
- * TSN was lost.
+ * TSN was lost.
*
* if we are PRSCTP aware and the next chunk to be
* retransmitted is now abandoned
diff --git a/usr/src/uts/common/inet/tcp/tcp_bind.c b/usr/src/uts/common/inet/tcp/tcp_bind.c
index 72093af..bf16fb6 100644
--- a/usr/src/uts/common/inet/tcp/tcp_bind.c
+++ b/usr/src/uts/common/inet/tcp/tcp_bind.c
@@ -312,7 +312,7 @@
boolean_t bind_to_req_port_only, cred_t *cr)
{
in_port_t mlp_port;
- mlp_type_t addrtype, mlptype;
+ mlp_type_t addrtype, mlptype;
boolean_t user_specified;
in_port_t allocated_port;
in_port_t requested_port = *requested_port_ptr;
@@ -321,6 +321,7 @@
tcp_stack_t *tcps = tcp->tcp_tcps;
in6_addr_t v6addr = connp->conn_laddr_v6;
+ zone = NULL;
/*
* XXX It's up to the caller to specify bind_to_req_port_only or not.
*/
@@ -685,7 +686,7 @@
if (connp->conn_anon_priv_bind) {
/*
* loopmax =
- * (IPPORT_RESERVED-1) - tcp_min_anonpriv_port + 1
+ * (IPPORT_RESERVED-1) - tcp_min_anonpriv_port + 1
*/
loopmax = IPPORT_RESERVED -
tcps->tcps_min_anonpriv_port;
diff --git a/usr/src/uts/common/inet/tcp/tcp_fusion.c b/usr/src/uts/common/inet/tcp/tcp_fusion.c
index e73c34d..f2cb8f6 100644
--- a/usr/src/uts/common/inet/tcp/tcp_fusion.c
+++ b/usr/src/uts/common/inet/tcp/tcp_fusion.c
@@ -160,7 +160,7 @@
if (!tcp->tcp_unfusable && !peer_tcp->tcp_unfusable &&
tcp->tcp_xmit_head == NULL && peer_tcp->tcp_xmit_head == NULL) {
- mblk_t *mp;
+ mblk_t *mp = NULL;
queue_t *peer_rq = peer_connp->conn_rq;
ASSERT(!TCP_IS_DETACHED(peer_tcp));
diff --git a/usr/src/uts/common/inet/tcp/tcp_input.c b/usr/src/uts/common/inet/tcp/tcp_input.c
index f7ea79d..490308f 100644
--- a/usr/src/uts/common/inet/tcp/tcp_input.c
+++ b/usr/src/uts/common/inet/tcp/tcp_input.c
@@ -2469,6 +2469,7 @@
tcp_unfuse(tcp);
}
+ mss = 0;
iphdr = mp->b_rptr;
rptr = mp->b_rptr;
ASSERT(OK_32PTR(rptr));
diff --git a/usr/src/uts/common/inet/tcp/tcp_misc.c b/usr/src/uts/common/inet/tcp/tcp_misc.c
index 4f6399c..0896dd7 100644
--- a/usr/src/uts/common/inet/tcp/tcp_misc.c
+++ b/usr/src/uts/common/inet/tcp/tcp_misc.c
@@ -291,6 +291,7 @@
startover:
nmatch = 0;
+ last = NULL;
mutex_enter(&connfp->connf_lock);
for (tconnp = connfp->connf_head; tconnp != NULL;
diff --git a/usr/src/uts/common/inet/tcp/tcp_output.c b/usr/src/uts/common/inet/tcp/tcp_output.c
index ae9efe8..7a0472f 100644
--- a/usr/src/uts/common/inet/tcp/tcp_output.c
+++ b/usr/src/uts/common/inet/tcp/tcp_output.c
@@ -1787,7 +1787,7 @@
uint32_t *snxt, int *tail_unsent, mblk_t **xmit_tail, mblk_t *local_time)
{
int num_lso_seg = 1;
- uint_t lso_usable;
+ uint_t lso_usable = 0;
boolean_t do_lso_send = B_FALSE;
tcp_stack_t *tcps = tcp->tcp_tcps;
conn_t *connp = tcp->tcp_connp;
diff --git a/usr/src/uts/common/inet/tcp/tcp_tpi.c b/usr/src/uts/common/inet/tcp/tcp_tpi.c
index dbdc5b8..6b32a0a 100644
--- a/usr/src/uts/common/inet/tcp/tcp_tpi.c
+++ b/usr/src/uts/common/inet/tcp/tcp_tpi.c
@@ -154,6 +154,10 @@
opt_offset = tcresp->OPT_offset;
opt_lenp = (t_scalar_t *)&tcresp->OPT_length;
break;
+ default:
+ opt_lenp = 0;
+ opt_offset = 0;
+ break;
}
*t_errorp = 0;
diff --git a/usr/src/uts/common/inet/udp/udp.c b/usr/src/uts/common/inet/udp/udp.c
index d233ea1..279611f 100644
--- a/usr/src/uts/common/inet/udp/udp.c
+++ b/usr/src/uts/common/inet/udp/udp.c
@@ -4837,6 +4837,8 @@
mlp_type_t addrtype, mlptype;
udp_stack_t *us = udp->udp_us;
+ sin = NULL;
+ sin6 = NULL;
switch (len) {
case sizeof (sin_t): /* Complete IPv4 address */
sin = (sin_t *)sa;
@@ -5550,6 +5552,10 @@
udp = connp->conn_udp;
us = udp->udp_us;
+ sin = NULL;
+ sin6 = NULL;
+ v4dst = INADDR_ANY;
+ flowinfo = 0;
/*
* Address has been verified by the caller
diff --git a/usr/src/uts/common/inet/udp/udp_stats.c b/usr/src/uts/common/inet/udp/udp_stats.c
index 2f5202f..4ed1ab9 100644
--- a/usr/src/uts/common/inet/udp/udp_stats.c
+++ b/usr/src/uts/common/inet/udp/udp_stats.c
@@ -93,7 +93,12 @@
*/
mp2ctl = copymsg(mpctl);
- mp_conn_ctl = mp_attr_ctl = mp6_conn_ctl = NULL;
+ mp6_info_ctl = NULL;
+ mp6_attr_ctl = NULL;
+ mp6_conn_ctl = NULL;
+ mp_info_ctl = NULL;
+ mp_attr_ctl = NULL;
+ mp_conn_ctl = NULL;
if (mpctl == NULL ||
(mpdata = mpctl->b_cont) == NULL ||
(mp_conn_ctl = copymsg(mpctl)) == NULL ||