From aca3570cfb4a6a07de0cc6e42b963b68a74a67fb Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 17 Sep 2024 19:18:09 +0200
Subject: [PATCH] cache: initialize filter when fetching implicit chains

commit e3d2a5e852ceea587bfff5878e6e5c569f15116a upstream.

ASAN reports:

  src/cache.c:734:25: runtime error: load of value 189, which is not a valid value for type '_Bool'

because filter->reset.rule remains uninitialized.

Initialize filter and replace existing construct to initialize table and
chain which leaves remaining fields uninitialized.

Fixes: dbff26bfba83 ("cache: consolidate reset command")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/cache.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/cache.c b/src/cache.c
index d9324f74..ca00a818 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -969,13 +969,14 @@ err_ctx_list:
 static int implicit_chain_cache(struct netlink_ctx *ctx, struct table *table,
 				const char *chain_name)
 {
-	struct nft_cache_filter filter;
+	struct nft_cache_filter filter = {};
 	struct chain *chain;
 	int ret = 0;
 
 	list_for_each_entry(chain, &table->chain_bindings, cache.list) {
 		filter.list.table = table->handle.table.name;
 		filter.list.chain = chain->handle.chain.name;
+
 		ret = rule_init_cache(ctx, table, &filter);
 	}
 
-- 
2.47.2