If we don't memset acl result array before matching,
we can get arbitrary dirty data from memory.
Signed-off-by: Zhiheng Chen <chenzhiheng0...@gmail.com>
---
examples/l3fwd-acl/main.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/examples/l3fwd-acl/main.c b/examples/l3fwd-acl/main.c
index 1fb1807235..7b9539b3ca 100644
--- a/examples/l3fwd-acl/main.c
+++ b/examples/l3fwd-acl/main.c
@@ -738,6 +738,9 @@ prepare_acl_parameter(struct rte_mbuf **pkts_in, struct
acl_search_t *acl,
acl->num_ipv4 = 0;
acl->num_ipv6 = 0;
+ memset(acl->res_ipv4, 0, sizeof(acl->res_ipv4));
+ memset(acl->res_ipv6, 0, sizeof(acl->res_ipv6));
+
/* Prefetch first packets */
for (i = 0; i < PREFETCH_OFFSET && i < nb_rx; i++) {
rte_prefetch0(rte_pktmbuf_mtod(
--
2.32.0
