aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2010-01-19 13:06:59 -0500
committerPatrick McHardy <kaber@trash.net>2010-01-19 13:06:59 -0500
commit135d01899b1fba17045961febff7e5141db6048f (patch)
treec20ddc09321041fdafaacb209982b265fff34d58
parentdce766af541f6605fa9889892c0280bab31c66ab (diff)
netfilter: nf_conntrack_sip: fix off-by-one in compact header parsing
In a string like "v:SIP/2.0..." it was checking for !isalpha('S') when it meant to be inspecting the ':'. Patch by Greg Alexander <greqcs@galexander.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r--net/netfilter/nf_conntrack_sip.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c
index 4b572163784b..023966b569bf 100644
--- a/net/netfilter/nf_conntrack_sip.c
+++ b/net/netfilter/nf_conntrack_sip.c
@@ -376,7 +376,7 @@ int ct_sip_get_header(const struct nf_conn *ct, const char *dptr,
376 dptr += hdr->len; 376 dptr += hdr->len;
377 else if (hdr->cname && limit - dptr >= hdr->clen + 1 && 377 else if (hdr->cname && limit - dptr >= hdr->clen + 1 &&
378 strnicmp(dptr, hdr->cname, hdr->clen) == 0 && 378 strnicmp(dptr, hdr->cname, hdr->clen) == 0 &&
379 !isalpha(*(dptr + hdr->clen + 1))) 379 !isalpha(*(dptr + hdr->clen)))
380 dptr += hdr->clen; 380 dptr += hdr->clen;
381 else 381 else
382 continue; 382 continue;