diff options
| author | Phil Sutter <phil@nwl.cc> | 2023-01-13 17:09:53 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-11-02 11:56:19 +0100 |
| commit | b1392e5d0857a9c2034aad56eafc1ad09b8f2003 (patch) | |
| tree | a973e8843f08087d30a96209ccfa4a9d2d9bc662 | |
| parent | 25710ab54fbdd221ac60471fe87f4eb9e579ef75 (diff) | |
optimize: Do not return garbage from stack
commit d4d47e5bdf943be494aeb5d5a29b8f5212acbddf upstream.
If input does not contain a single 'add' command (unusual, but
possible), 'ret' value was not initialized by nft_optimize() before
returning its value.
Fixes: fb298877ece27 ("src: add ruleset optimization infrastructure")
Signed-off-by: Phil Sutter <phil@nwl.cc>
| -rw-r--r-- | src/optimize.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/optimize.c b/src/optimize.c index 13aa1acc..d592aee0 100644 --- a/src/optimize.c +++ b/src/optimize.c @@ -1215,7 +1215,7 @@ static int cmd_optimize(struct nft_ctx *nft, struct cmd *cmd) int nft_optimize(struct nft_ctx *nft, struct list_head *cmds) { struct cmd *cmd; - int ret; + int ret = 0; list_for_each_entry(cmd, cmds, list) { switch (cmd->op) { |