diff mbox series

[nft,v2] cache: initialize filter when fetching implicit chains

Message ID 20240917192523.316471-1-pablo@netfilter.org
State Accepted
Headers show
Series [nft,v2] cache: initialize filter when fetching implicit chains | expand

Commit Message

Pablo Neira Ayuso Sept. 17, 2024, 7:25 p.m. UTC 
ASAN reports:

  src/cache.c:734:25: runtime error: load of value 189, which is not a valid value for type '_Bool'

because filter->reset.rule remains uninitialized.

Initialize filter and replace existing construct to initialize table and
chain when filtering which was to be leaving remaining fields
uninitialized.

Fixes: dbff26bfba83 ("cache: consolidate reset command")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
v2: replace construct which does not initialize remaining fields.

 src/cache.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff mbox series

Patch

diff --git a/src/cache.c b/src/cache.c
index c8ef16033551..b75a5bf3283c 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -1118,15 +1118,14 @@  err_ctx_list:
 static int implicit_chain_cache(struct netlink_ctx *ctx, struct table *table,
 				const char *chain_name)
 {
-	struct nft_cache_filter filter;
+	struct nft_cache_filter filter = {};
 	struct chain *chain;
 	int ret = 0;
 
 	list_for_each_entry(chain, &table->chain_bindings, cache.list) {
-		filter.list = (typeof(filter.list)) {
-			.table = table->handle.table.name,
-			.chain = chain->handle.chain.name,
-		};
+		filter.list.table = table->handle.table.name;
+		filter.list.chain = chain->handle.chain.name;
+
 		ret = rule_init_cache(ctx, table, &filter);
 	}