> If we don't memset acl result array before matching,
> we can get arbitrary dirty data from memory.
I don't think it is the case.
acl_classify() on successful completion will always populate result array.
The only exception - user provided ivalid input parameters, or acl ctx is not
build, etc.
So no need to do memset() here.
> Signed-off-by: Zhiheng Chen <chenzhiheng0...@gmail.com>
> ---
> examples/l3fwd-acl/main.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/examples/l3fwd-acl/main.c b/examples/l3fwd-acl/main.c
> index 1fb1807235..7b9539b3ca 100644
> --- a/examples/l3fwd-acl/main.c
> +++ b/examples/l3fwd-acl/main.c
> @@ -738,6 +738,9 @@ prepare_acl_parameter(struct rte_mbuf **pkts_in, struct
> acl_search_t *acl,
> acl->num_ipv4 = 0;
> acl->num_ipv6 = 0;
>
> + memset(acl->res_ipv4, 0, sizeof(acl->res_ipv4));
> + memset(acl->res_ipv6, 0, sizeof(acl->res_ipv6));
> +
> /* Prefetch first packets */
> for (i = 0; i < PREFETCH_OFFSET && i < nb_rx; i++) {
> rte_prefetch0(rte_pktmbuf_mtod(
> --
> 2.32.0
