]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 972ee91) | patch
evaluate: reject attempt to update a set
authorFlorian Westphal <fw@strlen.de>
Mon, 4 Dec 2023 21:00:06 +0000 (22:00 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 12 Dec 2023 12:30:09 +0000 (13:30 +0100)
commit31d874c2e45958af8f3ed6015d6ab8626ab0e48b
tree20859e92fa4a34ea8cc85d06053e6244220a2d50tree | snapshot
parent972ee91aebd81d9312d84b3ac7ffccce7e35b5d1commit | diff
evaluate: reject attempt to update a set

commit 5f43ea807bb0f5b30f332c2c96f13e33c9243d22 upstream.

This will crash as set->data is NULL, so check that SET_REF is pointing
to a map:

Error: candidates_ipv4 is not a map
tcp dport 10003 ip saddr . tcp dport @candidates_ipv4 add @candidates_ipv4 { ip saddr . 10 :0004 timeout 1s }
                                     ~~~~~~~~~~~~~~~~

Signed-off-by: Florian Westphal <fw@strlen.de>
src/evaluate.c diff | blob | blame | history
tests/shell/testcases/bogons/nft-f/add_to_a_set_crash [new file with mode: 0644] blob
Mirror of git://git.netfilter.org/nftables