diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-26 13:09:21 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-26 13:26:53 +0100 |
commit | f01940d69e2a4d8e9e151da8d4d39f78d08528cf (patch) | |
tree | 25bc1d8daaac064d0bb80c969efb49a49b6eeda1 | |
parent | 4795a994e2810c63d8da19b5f75854db470e4a6c (diff) |
evaluate: skip binary transfer for named sets
Set may be empty, content might be yet unknown, we cannot do any
transfer in this case.
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1327
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/evaluate.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index 54afc334..94377da9 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1606,6 +1606,9 @@ static int __binop_transfer(struct eval_ctx *ctx, } break; case EXPR_SET_REF: + if (!((*right)->set->flags & NFT_SET_ANONYMOUS)) + return 0; + return __binop_transfer(ctx, left, &(*right)->set->init); default: return 0; |