When reading sufficiently malformed input, parser might hit end of
loop without having written the current table name into curtable and
therefore calling strcmp() with uninitialized buffer. Avoid this by
setting curtable to zero upon declaration.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/ip6tables-restore.c | 2 +-
iptables/iptables-restore.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
index 51294f24ec904..2bb303ac755b6 100644
--- a/iptables/ip6tables-restore.c
+++ b/iptables/ip6tables-restore.c
@@ -84,7 +84,7 @@ int ip6tables_restore_main(int argc, char *argv[])
struct xtc_handle *handle = NULL;
char buffer[10240];
int c, lock;
- char curtable[XT_TABLE_MAXNAMELEN + 1];
+ char curtable[XT_TABLE_MAXNAMELEN + 1] = {};
FILE *in;
int in_table = 0, testing = 0;
const char *tablename = NULL;
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
index f596b46c7dce2..5c211d07fa453 100644
--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -82,7 +82,7 @@ iptables_restore_main(int argc, char *argv[])
struct xtc_handle *handle = NULL;
char buffer[10240];
int c, lock;
- char curtable[XT_TABLE_MAXNAMELEN + 1];
+ char curtable[XT_TABLE_MAXNAMELEN + 1] = {};
FILE *in;
int in_table = 0, testing = 0;
const char *tablename = NULL;
--
2.18.0
