summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2017-12-14 20:40:23 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2017-12-15 16:22:53 +0100
commitdbaf6ea8f6a1a1e7f1d5abc2e4e2fef891c471b7 (patch)
treed57e46a4dc0895f52ae5987a1539d1a3d7735916 /src
parent8f228f6842494ea7f83ff9aaa19ec32681628c9f (diff)
ruleset: Avoid reading garbage in nftnl_ruleset_cb()
If nftnl_ruleset_json_parse() is called with arg == NULL, ctx.data is left uninitialized and will later be used in nftnl_ruleset_cb(). Avoid this by using a C99-style initializer for 'ctx' which sets all omitted fields to zero. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/ruleset.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/ruleset.c b/src/ruleset.c
index 3de9b87..cf86ca6 100644
--- a/src/ruleset.c
+++ b/src/ruleset.c
@@ -519,11 +519,11 @@ static int nftnl_ruleset_json_parse(const void *json,
json_error_t error;
int i, len;
const char *key;
- struct nftnl_parse_ctx ctx;
-
- ctx.cb = cb;
- ctx.format = type;
- ctx.flags = 0;
+ struct nftnl_parse_ctx ctx = {
+ .cb = cb,
+ .format = type,
+ .flags = 0,
+ };
ctx.set_list = nftnl_set_list_alloc();
if (ctx.set_list == NULL)