netfilter: nf_tables: initialize registers in nft_do_chain()

Initialize registers to avoid stack leak into userspace. Fixes: 96518518cc41 ("netfilter: add nftables") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2022-03-17 12:04:42 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2022-03-17 15:50:27 +0100
commit: 4c905f6740a365464e91467aa50916555b28213d (patch)
tree: 710abe335cb0852de63d7cd4a5289dda487dd2fa /net/netfilter/nf_tables_core.c
parent: 6e1acfa387b9ff82cfc7db8cc3b6959221a95851 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c
index 36e73f9828c5..8af98239655d 100644
--- a/net/netfilter/nf_tables_core.c
+++ b/net/netfilter/nf_tables_core.c
@@ -201,7 +201,7 @@ nft_do_chain(struct nft_pktinfo *pkt, void *priv)
 	const struct nft_rule_dp *rule, *last_rule;
 	const struct net *net = nft_net(pkt);
 	const struct nft_expr *expr, *last;
-	struct nft_regs regs;
+	struct nft_regs regs = {};
 	unsigned int stackptr = 0;
 	struct nft_jumpstack jumpstack[NFT_JUMP_STACK_SIZE];
 	bool genbit = READ_ONCE(net->nft.gencursor);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2022-03-17 12:04:42 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2022-03-17 15:50:27 +0100
commit	4c905f6740a365464e91467aa50916555b28213d (patch)
tree	710abe335cb0852de63d7cd4a5289dda487dd2fa /net/netfilter/nf_tables_core.c
parent	6e1acfa387b9ff82cfc7db8cc3b6959221a95851 (diff)