]> git.ipfire.org Git - thirdparty/nftables.git/commitdiff
projects / thirdparty / nftables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4795a99)
evaluate: skip binary transfer for named sets
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 26 Mar 2019 12:09:21 +0000 (13:09 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 26 Mar 2019 12:26:53 +0000 (13:26 +0100)
Set may be empty, content might be yet unknown, we cannot do any
transfer in this case.

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1327
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/evaluate.c patch | blob | blame | history

diff --git a/src/evaluate.c b/src/evaluate.c
index 54afc33401867bec04ad3c1b5d96041b4b05eb44..94377da993359ebd8f092a1d6811608d4eb72bcc 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1606,6 +1606,9 @@ static int __binop_transfer(struct eval_ctx *ctx,
                }
                break;
        case EXPR_SET_REF:
+               if (!((*right)->set->flags & NFT_SET_ANONYMOUS))
+                       return 0;
+
                return __binop_transfer(ctx, left, &(*right)->set->init);
        default:
                return 0;
Mirror of git://git.netfilter.org/nftables