diff options
author | Patrick McHardy <kaber@trash.net> | 2010-01-19 19:06:59 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2010-01-19 19:06:59 +0100 |
commit | 135d01899b1fba17045961febff7e5141db6048f (patch) | |
tree | c20ddc09321041fdafaacb209982b265fff34d58 /net | |
parent | netfilter: ebtables: enforce CAP_NET_ADMIN (diff) | |
download | linux-135d01899b1fba17045961febff7e5141db6048f.tar.xz linux-135d01899b1fba17045961febff7e5141db6048f.zip |
netfilter: nf_conntrack_sip: fix off-by-one in compact header parsing
In a string like "v:SIP/2.0..." it was checking for !isalpha('S') when it
meant to be inspecting the ':'.
Patch by Greg Alexander <greqcs@galexander.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nf_conntrack_sip.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c index 4b572163784b..023966b569bf 100644 --- a/net/netfilter/nf_conntrack_sip.c +++ b/net/netfilter/nf_conntrack_sip.c @@ -376,7 +376,7 @@ int ct_sip_get_header(const struct nf_conn *ct, const char *dptr, dptr += hdr->len; else if (hdr->cname && limit - dptr >= hdr->clen + 1 && strnicmp(dptr, hdr->cname, hdr->clen) == 0 && - !isalpha(*(dptr + hdr->clen + 1))) + !isalpha(*(dptr + hdr->clen))) dptr += hdr->clen; else continue; |