]> git.feebdaed.xyz Git - 0xmirror/nftables.git/commit
projects / 0xmirror / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 32c994f) | patch
rule: skip CMD_OBJ_SETELEMS with no elements after set flush
authorPablo Neira Ayuso <pablo@netfilter.org>
Wed, 19 Nov 2025 23:41:13 +0000 (00:41 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 24 Nov 2025 22:37:14 +0000 (23:37 +0100)
commit8b7a533f8f8b276bfa71dcb306d6857e54015234
treea581db6a4fc9a42864ce9f0530776034073d9b60tree | snapshot
parent32c994f84904e9854d527217ececf0b97d89410dcommit | diff
rule: skip CMD_OBJ_SETELEMS with no elements after set flush

Set declaration + set flush results in a crash because CMD_OBJ_SETELEMS
does not expect no elements. This internal command only shows up if set
contains elements, however, evaluation flushes set content after the set
expansion. Skip this command CMD_OBJ_SETELEMS if set is empty.

Fixes: d3c8051cb767 ("rule: rework CMD_OBJ_SETELEMS logic")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/rule.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.