iptables: replace memset by c99-style initializers

This cleans up a few obvious cases identified by grepping the source
code for 'memset'.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>

9 files changed, 27 insertions, 43 deletions

diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
index ceffa616..cc50bb4f 100644
--- a/iptables/ip6tables-restore.c
+++ b/iptables/ip6tables-restore.c
@@ -393,7 +393,7 @@ int ip6tables_restore_main(int argc, char *argv[])
 			}
 
 			if (strcmp(policy, "-") != 0) {
-				struct xt_counters count;
+				struct xt_counters count = {};
 
 				if (counters) {
 					char *ctrs;
@@ -403,9 +403,6 @@ int ip6tables_restore_main(int argc, char *argv[])
 						xtables_error(PARAMETER_PROBLEM,
 							  "invalid policy counters "
 							  "for chain '%s'\n", chain);
-
-				} else {
-					memset(&count, 0, sizeof(count));
 				}
 
 				DEBUGP("Setting policy of chain %s to %s\n",
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index 2cb115f5..3bd1e5fa 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -1351,7 +1351,10 @@ static void command_match(struct iptables_command_state *cs)
 int do_command6(int argc, char *argv[], char **table,
 		struct xtc_handle **handle, bool restore)
 {
-	struct iptables_command_state cs;
+	struct iptables_command_state cs = {
+		.jumpto	= "",
+		.argv	= argv,
+	};
 	struct ip6t_entry *e = NULL;
 	unsigned int nsaddrs = 0, ndaddrs = 0;
 	struct in6_addr *saddrs = NULL, *daddrs = NULL;
@@ -1374,10 +1377,6 @@ int do_command6(int argc, char *argv[], char **table,
 	struct xtables_target *t;
 	unsigned long long cnt;
 
-	memset(&cs, 0, sizeof(cs));
-	cs.jumpto = "";
-	cs.argv = argv;
-
 	/* re-set optind to 0 in case do_command6 gets called
 	 * a second time */
 	optind = 0;
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
index 39198752..d5603fce 100644
--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -391,7 +391,7 @@ iptables_restore_main(int argc, char *argv[])
 			}
 
 			if (strcmp(policy, "-") != 0) {
-				struct xt_counters count;
+				struct xt_counters count = {};
 
 				if (counters) {
 					char *ctrs;
@@ -401,9 +401,6 @@ iptables_restore_main(int argc, char *argv[])
 						xtables_error(PARAMETER_PROBLEM,
 							   "invalid policy counters "
 							   "for chain '%s'\n", chain);
-
-				} else {
-					memset(&count, 0, sizeof(count));
 				}
 
 				DEBUGP("Setting policy of chain %s to %s\n",
diff --git a/iptables/iptables.c b/iptables/iptables.c
index 08ea7afa..428fae4e 100644
--- a/iptables/iptables.c
+++ b/iptables/iptables.c
@@ -1345,7 +1345,10 @@ static void command_match(struct iptables_command_state *cs)
 int do_command4(int argc, char *argv[], char **table,
 		struct xtc_handle **handle, bool restore)
 {
-	struct iptables_command_state cs;
+	struct iptables_command_state cs = {
+		.jumpto	= "",
+		.argv	= argv,
+	};
 	struct ipt_entry *e = NULL;
 	unsigned int nsaddrs = 0, ndaddrs = 0;
 	struct in_addr *saddrs = NULL, *smasks = NULL;
@@ -1367,10 +1370,6 @@ int do_command4(int argc, char *argv[], char **table,
 	struct xtables_target *t;
 	unsigned long long cnt;
 
-	memset(&cs, 0, sizeof(cs));
-	cs.jumpto = "";
-	cs.argv = argv;
-
 	/* re-set optind to 0 in case do_command4 gets called
 	 * a second time */
 	optind = 0;
diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index 917d802e..4b3c163b 100644
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -217,10 +217,7 @@ static void nft_bridge_parse_meta(struct nft_xt_ctx *ctx,
 	struct iptables_command_state *cs = data;
 	struct ebt_entry *fw = &cs->eb;
 	uint8_t invflags = 0;
-	char iifname[IFNAMSIZ], oifname[IFNAMSIZ];
-
-	memset(iifname, 0, sizeof(iifname));
-	memset(oifname, 0, sizeof(oifname));
+	char iifname[IFNAMSIZ] = {}, oifname[IFNAMSIZ] = {};
 
 	parse_meta(e, ctx->meta.key, iifname, NULL, oifname, NULL, &invflags);
 
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index eb03beb7..ffe47786 100644
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -588,16 +588,15 @@ static struct in_addr *
 host_to_addr(const char *name, unsigned int *naddr)
 {
 	struct in_addr *addr;
-	struct addrinfo hints;
+	struct addrinfo hints = {
+		.ai_flags	= AI_CANONNAME,
+		.ai_family	= AF_INET,
+		.ai_socktype	= SOCK_RAW,
+	};;
 	struct addrinfo *res, *p;
 	int err;
 	unsigned int i;
 
-	memset(&hints, 0, sizeof(hints));
-	hints.ai_flags	  = AI_CANONNAME;
-	hints.ai_family	  = AF_INET;
-	hints.ai_socktype = SOCK_RAW;
-
 	*naddr = 0;
 	err = getaddrinfo(name, NULL, &hints, &res);
 	if (err != 0)
@@ -932,7 +931,9 @@ delete_entry(const char *chain,
 
 int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table)
 {
-	struct arptables_command_state cs;
+	struct arptables_command_state cs = {
+		.jumpto = "",
+	};
 	int invert = 0;
 	unsigned int nsaddrs = 0, ndaddrs = 0;
 	struct in_addr *saddrs = NULL, *daddrs = NULL;
@@ -946,9 +947,6 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table)
 	int ret = 1;
 	struct xtables_target *t;
 
-	memset(&cs, 0, sizeof(cs));
-	cs.jumpto = "";
-
 	opts = original_opts;
 	global_option_offset = 0;
 
diff --git a/iptables/xtables-eb-translate.c b/iptables/xtables-eb-translate.c
index 42b88e35..1e66bf71 100644
--- a/iptables/xtables-eb-translate.c
+++ b/iptables/xtables-eb-translate.c
@@ -288,7 +288,10 @@ static int do_commandeb_xlate(struct nft_handle *h, int argc, char *argv[], char
 	unsigned int flags = 0;
 	struct xtables_target *t, *w;
 	struct xtables_match *m;
-	struct iptables_command_state cs;
+	struct iptables_command_state cs = {
+		.argv		= argv,
+		.eb.bitmask	= EBT_NOPROTO,
+	};
 	char command = 'h';
 	const char *chain = NULL;
 	int exec_style = EXEC_STYLE_PRG;
@@ -299,9 +302,6 @@ static int do_commandeb_xlate(struct nft_handle *h, int argc, char *argv[], char
 		.table          = *table,
         };
 
-	memset(&cs, 0, sizeof(cs));
-	cs.argv = argv;
-
 	if (nft_init(h, xtables_bridge) < 0)
 		xtables_error(OTHER_PROBLEM,
 			      "Could not initialize nftables layer.");
@@ -328,7 +328,6 @@ static int do_commandeb_xlate(struct nft_handle *h, int argc, char *argv[], char
 
 	/* prevent getopt to spoil our error reporting */
 	opterr = false;
-	cs.eb.bitmask = EBT_NOPROTO;
 
 	printf("nft ");
 	/* Getopt saves the day */
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index 2f27656d..f4b39095 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -744,7 +744,9 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table)
 	unsigned int flags = 0;
 	struct xtables_target *t, *w;
 	struct xtables_match *m;
-	struct iptables_command_state cs;
+	struct iptables_command_state cs = {
+		.argv = argv,
+	};
 	char command = 'h';
 	const char *chain = NULL;
 	const char *policy = NULL;
@@ -752,9 +754,6 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table)
 	struct xtables_rule_match *xtrm_i;
 	struct ebt_match *match;
 
-	memset(&cs, 0, sizeof(cs));
-	cs.argv = argv;
-
 	if (nft_init(h, xtables_bridge) < 0)
 		xtables_error(OTHER_PROBLEM,
 			      "Could not initialize nftables layer.");
diff --git a/iptables/xtables-monitor.c b/iptables/xtables-monitor.c
index 08292a79..dd380300 100644
--- a/iptables/xtables-monitor.c
+++ b/iptables/xtables-monitor.c
@@ -600,7 +600,7 @@ int xtables_monitor_main(int argc, char *argv[])
 	struct mnl_socket *nl;
 	char buf[MNL_SOCKET_BUFFER_SIZE];
 	uint32_t nfgroup = 0;
-	struct cb_arg cb_arg;
+	struct cb_arg cb_arg = {};
 	int ret, c;
 
 	xtables_globals.program_name = "xtables-monitor";
@@ -617,7 +617,6 @@ int xtables_monitor_main(int argc, char *argv[])
 	init_extensions4();
 #endif
 
-	memset(&cb_arg, 0, sizeof(cb_arg));
 	opterr = 0;
 	while ((c = getopt_long(argc, argv, "ceht46V", options, NULL)) != -1) {
 		switch (c) {