The branch main has been updated by kp:
URL:
https://cgit.FreeBSD.org/src/commit/?id=581e064ddeb431d1ac304c48c176c88a14424fd9
commit 581e064ddeb431d1ac304c48c176c88a14424fd9
Author: Kristof Provost <k...@freebsd.org>
AuthorDate: 2025-05-30 08:10:18 +0000
Commit: Kristof Provost <k...@freebsd.org>
CommitDate: 2025-05-30 13:15:54 +0000
libpfctl: clear out source nodes before retrieving them
Zero out the struct pfctl_src_node before we read the next one. Avoid having
stray stack information (or the previous source node) influence our result.
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
lib/libpfctl/libpfctl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index a4afa26f0afe..cbc193268505 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -3060,6 +3060,7 @@ pfctl_get_srcnodes(struct pfctl_handle *h,
pfctl_get_srcnode_fn fn, void *arg)
return (ENXIO);
while ((hdr = snl_read_reply_multi(&h->ss, seq_id, &e)) != NULL) {
+ bzero(&sn, sizeof(sn));
if (!snl_parse_nlmsg(&h->ss, hdr, &srcnode_parser, &sn))
continue;
