diff options
author | Phil Sutter <phil@nwl.cc> | 2017-12-14 20:40:23 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-12-15 16:22:53 +0100 |
commit | dbaf6ea8f6a1a1e7f1d5abc2e4e2fef891c471b7 (patch) | |
tree | d57e46a4dc0895f52ae5987a1539d1a3d7735916 /src/ruleset.c | |
parent | 8f228f6842494ea7f83ff9aaa19ec32681628c9f (diff) |
ruleset: Avoid reading garbage in nftnl_ruleset_cb()
If nftnl_ruleset_json_parse() is called with arg == NULL, ctx.data is
left uninitialized and will later be used in nftnl_ruleset_cb(). Avoid
this by using a C99-style initializer for 'ctx' which sets all omitted
fields to zero.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/ruleset.c')
-rw-r--r-- | src/ruleset.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/ruleset.c b/src/ruleset.c index 3de9b87..cf86ca6 100644 --- a/src/ruleset.c +++ b/src/ruleset.c @@ -519,11 +519,11 @@ static int nftnl_ruleset_json_parse(const void *json, json_error_t error; int i, len; const char *key; - struct nftnl_parse_ctx ctx; - - ctx.cb = cb; - ctx.format = type; - ctx.flags = 0; + struct nftnl_parse_ctx ctx = { + .cb = cb, + .format = type, + .flags = 0, + }; ctx.set_list = nftnl_set_list_alloc(); if (ctx.set_list == NULL) |