From 1cb4610ed22c68310121f17a198a5bc65844500b Mon Sep 17 00:00:00 2001
From: Giacomo Tesio <giacomo@tesio.it>
Date: Sun, 15 Jan 2017 01:35:28 +0100
Subject: [PATCH] kernel: udp: fix read of uninitialized array

CID 156231 (#1 of 1): Uninitialized scalar variable (UNINIT)6.
uninit_use_in_call: Using uninitialized element of array laddr when calling memcmp.
---
 sys/src/kern/ip/udp.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/sys/src/kern/ip/udp.c b/sys/src/kern/ip/udp.c
index 1d4f352..b1cdb7f 100644
--- a/sys/src/kern/ip/udp.c
+++ b/sys/src/kern/ip/udp.c
@@ -199,8 +199,9 @@ udpkick(void *x, Block *bp)
 		return;
 
 	ucb = (Udpcb*)c->ptcl;
-	switch(ucb->headers) {
-	case 7:
+
+	/* ucb->headers can only be 0 or 7 (see udpctl) */
+	if(ucb->headers) {
 		/* get user specified addresses */
 		bp = pullupblock(bp, UDP_USEAD7);
 		if(bp == nil)
@@ -215,19 +216,14 @@ udpkick(void *x, Block *bp)
 		bp->rp += IPaddrlen;		/* Ignore ifc address */
 		rport = nhgets(bp->rp);
 		bp->rp += 2+2;			/* Ignore local port */
-		break;
-	default:
-		rport = 0;
-		break;
-	}
 
-	if(ucb->headers) {
 		if(memcmp(laddr, v4prefix, IPv4off) == 0
 		|| ipcmp(laddr, IPnoaddr) == 0)
 			version = 4;
 		else
 			version = 6;
 	} else {
+		rport = 0;
 		if( (memcmp(c->raddr, v4prefix, IPv4off) == 0 &&
 			memcmp(c->laddr, v4prefix, IPv4off) == 0)
 			|| ipcmp(c->raddr, IPnoaddr) == 0)