From: Phil Sutter <phil@nwl.cc>
Date: Fri, 13 Jan 2023 16:09:53 +0000 (+0100)
Subject: optimize: Do not return garbage from stack
X-Git-Tag: v1.0.7~36
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4d47e5bdf943be494aeb5d5a29b8f5212acbddf;p=thirdparty%2Fnftables.git

optimize: Do not return garbage from stack

If input does not contain a single 'add' command (unusual, but
possible), 'ret' value was not initialized by nft_optimize() before
returning its value.

Fixes: fb298877ece27 ("src: add ruleset optimization infrastructure")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---

diff --git a/src/optimize.c b/src/optimize.c
index 12cae00d..289c442d 100644
--- a/src/optimize.c
+++ b/src/optimize.c
@@ -1217,7 +1217,7 @@ static int cmd_optimize(struct nft_ctx *nft, struct cmd *cmd)
 int nft_optimize(struct nft_ctx *nft, struct list_head *cmds)
 {
 	struct cmd *cmd;
-	int ret;
+	int ret = 0;
 
 	list_for_each_entry(cmd, cmds, list) {
 		switch (cmd->op) {