From 93c5d20c7760244ea98d2b9bc9620a20285c02cd Mon Sep 17 00:00:00 2001
From: andre <andre@FreeBSD.org>
Date: Thu, 19 Aug 2004 20:16:17 +0000
Subject: [PATCH] For IPv6 access pointer to tcpcb only after we have checked
 it is valid.

Found by:	Coverity's automated analysis (via Ted Unangst)
---
 sys/netinet/tcp_subr.c     | 5 ++++-
 sys/netinet/tcp_timewait.c | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index 2eebce47075c..cb709fb1e7cd 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -1420,11 +1420,14 @@ tcp_mtudisc(inp, errno)
 	u_int romtu;
 	int mss;
 #ifdef INET6
-	int isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) != 0;
+	int isipv6;
 #endif /* INET6 */
 	bzero(&tao, sizeof(tao));
 
 	if (tp != NULL) {
+#ifdef INET6
+		isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) != 0;
+#endif
 		maxmtu = tcp_hc_getmtu(&inp->inp_inc); /* IPv4 and IPv6 */
 		romtu =
 #ifdef INET6
diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c
index 2eebce47075c..cb709fb1e7cd 100644
--- a/sys/netinet/tcp_timewait.c
+++ b/sys/netinet/tcp_timewait.c
@@ -1420,11 +1420,14 @@ tcp_mtudisc(inp, errno)
 	u_int romtu;
 	int mss;
 #ifdef INET6
-	int isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) != 0;
+	int isipv6;
 #endif /* INET6 */
 	bzero(&tao, sizeof(tao));
 
 	if (tp != NULL) {
+#ifdef INET6
+		isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) != 0;
+#endif
 		maxmtu = tcp_hc_getmtu(&inp->inp_inc); /* IPv4 and IPv6 */
 		romtu =
 #ifdef INET6