evaluate: skip binary transfer for named sets

Set may be empty, content might be yet unknown, we cannot do any transfer in this case. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1327 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2019-03-26 13:09:21 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-03-26 13:26:53 +0100
commit: f01940d69e2a4d8e9e151da8d4d39f78d08528cf (patch)
tree: 25bc1d8daaac064d0bb80c969efb49a49b6eeda1
parent: 4795a994e2810c63d8da19b5f75854db470e4a6c (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 54afc334..94377da9 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1606,6 +1606,9 @@ static int __binop_transfer(struct eval_ctx *ctx,
 		}
 		break;
 	case EXPR_SET_REF:
+		if (!((*right)->set->flags & NFT_SET_ANONYMOUS))
+			return 0;
+
 		return __binop_transfer(ctx, left, &(*right)->set->init);
 	default:
 		return 0;
author	Pablo Neira Ayuso <pablo@netfilter.org>	2019-03-26 13:09:21 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-03-26 13:26:53 +0100
commit	f01940d69e2a4d8e9e151da8d4d39f78d08528cf (patch)
tree	25bc1d8daaac064d0bb80c969efb49a49b6eeda1
parent	4795a994e2810c63d8da19b5f75854db470e4a6c (diff)