On Tue, Aug 20, 2024 at 11:56:11AM +0200, Florian Westphal wrote: > Reject rules where a load occurs from a register that has not seen a store > early in the same rule. > > At the moment this is allowed, interpreter has to memset() the registers > to avoid leaking stack information to userspace. > > Detect and reject this from transaction phase instead. Applied to nf-next, thanks
