From: Victor Julien <victor@inliniac.net>
Date: Fri, 18 Oct 2019 10:02:03 +0000 (+0200)
Subject: nfq: clear memory of queue before using it
X-Git-Tag: suricata-5.0.1~109
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=64a789bbf6b7e297048e574f21f7a084c54f307b;p=thirdparty%2Fsuricata.git

nfq: clear memory of queue before using it

Avoids using uninitialized memory. Show showed itself
in nonsense values in counters, and in nfq_handle_packet
errors that were likely the result of passing uninitialized
memory to the nfq API.

Bug 3263.
Bug 3120.

Fixes: b2a6c60dee83 ("source-nfq: increase maximum queues number to 65535")
---

diff --git a/src/source-nfq.c b/src/source-nfq.c
index e820e71fe6..a0cab39b5e 100644
--- a/src/source-nfq.c
+++ b/src/source-nfq.c
@@ -847,6 +847,7 @@ int NFQRegisterQueue(const uint16_t number)
     ntv->nfq_index = receive_queue_num;
 
     nq = &g_nfq_q[receive_queue_num];
+    memset(nq, 0, sizeof(*nq));
     nq->queue_num = number;
     receive_queue_num++;
     SCMutexUnlock(&nfq_init_lock);