]> git.ipfire.org Git - thirdparty/iptables.git/commitdiff
projects / thirdparty / iptables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b45b4e3)
xtables-restore: Avoid access of uninitialized data
authorPhil Sutter <phil@nwl.cc>
Thu, 5 Dec 2019 10:40:26 +0000 (11:40 +0100)
committerPhil Sutter <phil@nwl.cc>
Fri, 6 Dec 2019 11:12:08 +0000 (12:12 +0100)
When flushing, 'buffer' is not written to prior to checking its first
byte's value. Therefore it needs to be initialized upon declaration.

Fixes: 09cb517949e69 ("xtables-restore: Improve performance of --noflush operation")
iptables/xtables-restore.c patch | blob | blame | history

diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index dd907e0b8ddd55c7d8df677e887a9e010c6a5984..63cc15cee96212cf7901205fc7ba0f611593077b 100644 (file)
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -281,7 +281,7 @@ void xtables_restore_parse(struct nft_handle *h,
                           const struct nft_xt_restore_parse *p)
 {
        struct nft_xt_restore_state state = {};
-       char preload_buffer[PREBUFSIZ] = {}, buffer[10240], *ptr;
+       char preload_buffer[PREBUFSIZ] = {}, buffer[10240] = {}, *ptr;
 
        if (!h->noflush) {
                nft_fake_cache(h);
Mirror of git://git.netfilter.org/iptables