diff options
author | Phil Sutter <phil@nwl.cc> | 2019-12-05 11:40:26 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2019-12-06 12:12:08 +0100 |
commit | 48be21bf39f9af35d53af0e211cbd50dcfd12d08 (patch) | |
tree | d9dfd06587591b1ec505f4d1ffcef1e04996f460 | |
parent | b45b4e390341404ca019f7a0361fbbee748715a8 (diff) |
xtables-restore: Avoid access of uninitialized data
When flushing, 'buffer' is not written to prior to checking its first
byte's value. Therefore it needs to be initialized upon declaration.
Fixes: 09cb517949e69 ("xtables-restore: Improve performance of --noflush operation")
-rw-r--r-- | iptables/xtables-restore.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index dd907e0b..63cc15ce 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -281,7 +281,7 @@ void xtables_restore_parse(struct nft_handle *h, const struct nft_xt_restore_parse *p) { struct nft_xt_restore_state state = {}; - char preload_buffer[PREBUFSIZ] = {}, buffer[10240], *ptr; + char preload_buffer[PREBUFSIZ] = {}, buffer[10240] = {}, *ptr; if (!h->noflush) { nft_fake_cache(h); |