ebtables: Zero freed pointers in ebt_cs_clean()

Trying to recycle an iptables_command_state object by calling first
clear_cs then init_cs callbacks causes invalid data accesses with
ebtables otherwise.

Fixes: fe97f60e5d2a9 ("ebtables-compat: add watchers support")
Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index 0f85e21861cdeb06e4e25eb7a2ff763fe9770e8e..f75a13fbf1120d63f39081484a663e8be9e8d355 100644 (file)
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -46,6 +46,7 @@ void ebt_cs_clean(struct iptables_command_state *cs)
                free(m);
                m = nm;
        }
+       cs->match_list = NULL;
 
        if (cs->target) {
                free(cs->target->t);