authorPhil Sutter <phil@nwl.cc>2018-09-19 15:16:46 +0200
committerFlorian Westphal <fw@strlen.de>2018-09-24 11:23:52 +0200
commit4e499d53d558bed55c8fe74390250dbfd6da3efc (patch)
tree2627cdf09cb34ad7319fb70f75688d24fa33d656 /iptables
parent1788f545aae285fa3cd6595d5d25b2ae1b215282 (diff)
ip{, 6}tables-restore: Fix for uninitialized array 'curtable'
When reading sufficiently malformed input, the parser might hit the end of the loop without having written the current table name into curtable and therefore call strcmp() with an uninitialized buffer. Avoid this by setting curtable to zero upon declaration. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables')
-rw-r--r--iptables/ip6tables-restore.c2
-rw-r--r--iptables/iptables-restore.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
index 51294f24..2bb303ac 100644
--- a/iptables/ip6tables-restore.c
+++ b/iptables/ip6tables-restore.c
@@ -84,7 +84,7 @@ int ip6tables_restore_main(int argc, char *argv[])
struct xtc_handle *handle = NULL;
char buffer[10240];
int c, lock;
- char curtable[XT_TABLE_MAXNAMELEN + 1];
+ char curtable[XT_TABLE_MAXNAMELEN + 1] = {};
FILE *in;
int in_table = 0, testing = 0;
const char *tablename = NULL;
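Review bot: The `= {}` on the new `curtable` declaration is an empty initializer, which ISO C before C23 does not allow; GCC and Clang accept it as an extension. `char curtable[XT_TABLE_MAXNAMELEN + 1] = "";` (or `= {0}`) zero-fills the array the same way and stays portable under `-pedantic`. The identical line in the iptables-restore.c hunk has the same issue. The strcmp() named in the commit message lies outside both hunks, so a short comment on the declaration would record why the zeroing matters, e.g. `/* zeroed: strcmp() may run before a table name has been stored */`. Zeroing makes that read well-defined, but presumably the malformed line is then compared against an empty name, so it is worth confirming that such input is reported as an error rather than silently skipped.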
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
index f596b46c..5c211d07 100644
--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -82,7 +82,7 @@ iptables_restore_main(int argc, char *argv[])
struct xtc_handle *handle = NULL;
char buffer[10240];
int c, lock;
- char curtable[XT_TABLE_MAXNAMELEN + 1];
+ char curtable[XT_TABLE_MAXNAMELEN + 1] = {};
FILE *in;
int in_table = 0, testing = 0;
const char *tablename = NULL;