Initialize scratch memory for JIT-compiled filter when it is allocated.

Previously it may have contained unnecessary (even sensitive) data from
the previous allocation.
As a (good) side effect, scratch memory may be used to store the previous
filter state(s) safely because it is allocated and freed with filter itself.
However, use it carefully because bpf_filter(9) does not have this behavior.

MFC after:	3 days

1 files changed, 3 insertions, 1 deletions

diff --git a/sys/net/bpf_jitter.c b/sys/net/bpf_jitter.c
index d15bc93..cb644f4 100644
--- a/sys/net/bpf_jitter.c
+++ b/sys/net/bpf_jitter.c
@@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/sysctl.h>
 #else
 #include <stdlib.h>
+#include <string.h>
 #include <sys/types.h>
 #endif
 
@@ -67,7 +68,7 @@ bpf_jitter(struct bpf_insn *fp, int nins)
 
 	/* Allocate the filter structure */
 	filter = (struct bpf_jit_filter *)malloc(sizeof(*filter),
-	    M_BPFJIT, M_NOWAIT);
+	    M_BPFJIT, M_NOWAIT | M_ZERO);
 	if (filter == NULL)
 		return (NULL);
 
@@ -104,6 +105,7 @@ bpf_jitter(struct bpf_insn *fp, int nins)
 	filter = (struct bpf_jit_filter *)malloc(sizeof(*filter));
 	if (filter == NULL)
 		return (NULL);
+	memset(filter, 0, sizeof(*filter));
 
 	/* No filter means accept all */
 	if (fp == NULL || nins == 0) {