Comment # 17 on bug 1106751 from 
(In reply to Fabian Vogt from comment #6)
> diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
> index a6e70571..8c03ab42 100644
> --- a/libiptc/libiptc.c
> +++ b/libiptc/libiptc.c
> @@ -1303,6 +1303,7 @@ TC_INIT(const char *tablename)
>  {
>         struct xtc_handle *h;
>         STRUCT_GETINFO info;
> +       memset(&info, 0, sizeof(info));
>         unsigned int tmp;
>         socklen_t s;
>         int sockfd;
> 
> 
> Without this, iptables -L reads garbage from the struct as the kernel never
> filled it in the bugged case, leading to weird issues like mmapping a few
> TiB of memory.

Thanks! I've submitted this patch to openSUSE:Factory via sr#691502.

It was also reported upstream:
https://bugzilla.netfilter.org/show_bug.cgi?id=1331

You are receiving this mail because: