mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-30 06:10:56 +00:00
netfilter: nf_tables: initialize registers in nft_do_chain()
Initialize registers to avoid stack leak into userspace.
Fixes: 96518518cc
("netfilter: add nftables")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
6e1acfa387
commit
4c905f6740
1 changed files with 1 additions and 1 deletions
|
@ -201,7 +201,7 @@ nft_do_chain(struct nft_pktinfo *pkt, void *priv)
|
|||
const struct nft_rule_dp *rule, *last_rule;
|
||||
const struct net *net = nft_net(pkt);
|
||||
const struct nft_expr *expr, *last;
|
||||
struct nft_regs regs;
|
||||
struct nft_regs regs = {};
|
||||
unsigned int stackptr = 0;
|
||||
struct nft_jumpstack jumpstack[NFT_JUMP_STACK_SIZE];
|
||||
bool genbit = READ_ONCE(net->nft.gencursor);
|
||||
|
|
Loading…
Reference in a new issue