ipfilter: Plug ip_htable kernel information leak

ipf_htable_stats_get() constructs an iphtstat_t on the stack and only
initializes select fields before copying the entire structure to
userland. The trailing padding array iphs_pad[16] is never initialized,
so ~128 bytes of uninitialized kernel stack memory can be leaked to user
space on each call. This is a classic information disclosure
vulnerability that can reveal pointers and other sensitive data.

We fix this by zeroing out the data structure prior to use.

Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed by: emaste
MFC after: 3 days
Differential revision: https://reviews.freebsd.org/D53275