libxtables: xlate: init buffer to zero

Doesn't affect iptables-xlate, but nft (when built w. xtables support).

Without this, nft can print random content if an extension doesn't
add anything to the output xlate buffer, e.g.

-p mh -m mh

can cause nft to print random data after "meta l4proto mobility",
as mh ->xlate doesn't do anything in this case.

Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 11231fc473d5191a485fcf4663e92dada48c74fe..ea9bb102c8eb4abb3c1250481d1da8c0e6f1932d 100644 (file)
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -2212,6 +2212,7 @@ struct xt_xlate *xt_xlate_alloc(int size)
        if (xl->buf.data == NULL)
                xtables_error(RESOURCE_PROBLEM, "OOM");
 
+       xl->buf.data[0] = '\0';
        xl->buf.size = size;
        xl->buf.rem = size;
        xl->buf.off = 0;