Unbreak xtables-translate

Fixed commit broke xtables-translate which still relied upon do_parse() to properly initialize the passed iptables_command_state reference. To allow for callers to preset fields, this doesn't happen anymore so do_command_xlate() has to initialize itself. Otherwise garbage from stack is read leading to segfaults and program aborts. Although init_cs callback is used by arptables only and arptables-translate has not been implemented, do call it if set just to avoid future issues. Fixes: cfdda18044d81 ("nft-shared: Introduce init_cs family ops callback") Signed-off-by: Phil Sutter <phil@nwl.cc> Tested-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2021-11-06 21:38:14 +0100
committer: Phil Sutter <phil@nwl.cc> 2021-11-08 12:22:36 +0100
commit: b8d5271de4f7cc6ffeeca589ea4706e316599015 (patch)
tree: 017901a038d1a9b6b856cbb045d4caf26d8e08ec /iptables/xtables-translate.c
parent: 0af80a91b0a98891d3cbc891a7377281b4080035 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c
index 086b85d2..e2948c50 100644
--- a/iptables/xtables-translate.c
+++ b/iptables/xtables-translate.c
@@ -253,11 +253,18 @@ static int do_command_xlate(struct nft_handle *h, int argc, char *argv[],
 		.restore	= restore,
 		.xlate		= true,
 	};
-	struct iptables_command_state cs;
+	struct iptables_command_state cs = {
+		.jumpto = "",
+		.argv = argv,
+	};
+
 	struct xtables_args args = {
 		.family = h->family,
 	};
 
+	if (h->ops->init_cs)
+		h->ops->init_cs(&cs);
+
 	do_parse(h, argc, argv, &p, &cs, &args);
 
 	cs.restore = restore;
author	Phil Sutter <phil@nwl.cc>	2021-11-06 21:38:14 +0100
committer	Phil Sutter <phil@nwl.cc>	2021-11-08 12:22:36 +0100
commit	b8d5271de4f7cc6ffeeca589ea4706e316599015 (patch)
tree	017901a038d1a9b6b856cbb045d4caf26d8e08ec /iptables/xtables-translate.c
parent	0af80a91b0a98891d3cbc891a7377281b4080035 (diff)