[NETFILTER]: nf_conntrack_sip: fix some off-by-ones

"limit" marks the first character outside the bounds. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2008-03-25 23:10:11 -0400
committer: David S. Miller <davem@davemloft.net> 2008-03-25 23:10:11 -0400
commit: b1ec488b1fb3c7a8819857e3506787516ca1ed4d (patch)
tree: 0556796cf13e1f027e36b6d86741f2b4ac6ca4e5
parent: 3d244121d88cd9b0baa12c25ff25561e7b4f71cd (diff)
1 files changed, 8 insertions, 8 deletions
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c
index 0021d5b60cec..016e1c1aafe4 100644
--- a/net/netfilter/nf_conntrack_sip.c
+++ b/net/netfilter/nf_conntrack_sip.c
@@ -192,10 +192,10 @@ int ct_sip_lnlen(const char *line, const char *limit)
 {
        const char *k = line;
-        while ((line <= limit) && (*line == '\r' || *line == '\n'))
+        while ((line < limit) && (*line == '\r' || *line == '\n'))
                line++;
-        while (line <= limit) {
+        while (line < limit) {
                if (*line == '\r' || *line == '\n')
                        break;
                line++;
@@ -211,7 +211,7 @@ const char *ct_sip_search(const char *needle, const char *haystack,
 {
        const char *limit = haystack + (haystack_len - needle_len);
-        while (haystack <= limit) {
+        while (haystack < limit) {
                if (case_sensitive) {
                        if (strncmp(haystack, needle, needle_len) == 0)
                                return haystack;
@@ -229,7 +229,7 @@ static int digits_len(const struct nf_conn *ct, const char *dptr,
                      const char *limit, int *shift)
 {
        int len = 0;
-        while (dptr <= limit && isdigit(*dptr)) {
+        while (dptr < limit && isdigit(*dptr)) {
                dptr++;
                len++;
        }
@@ -240,7 +240,7 @@ static int digits_len(const struct nf_conn *ct, const char *dptr,
 static int skp_digits_len(const struct nf_conn *ct, const char *dptr,
                          const char *limit, int *shift)
 {
-        for (; dptr <= limit && *dptr == ' '; dptr++)
+        for (; dptr < limit && *dptr == ' '; dptr++)
                (*shift)++;
        return digits_len(ct, dptr, limit, shift);
@@ -302,13 +302,13 @@ static int skp_epaddr_len(const struct nf_conn *ct, const char *dptr,
        /* Search for @, but stop at the end of the line.
         * We are inside a sip: URI, so we don't need to worry about
         * continuation lines. */
-        while (dptr <= limit &&
+        while (dptr < limit &&
               *dptr != '@' && *dptr != '\r' && *dptr != '\n') {
                (*shift)++;
                dptr++;
        }
-        if (dptr <= limit && *dptr == '@') {
+        if (dptr < limit && *dptr == '@') {
                dptr++;
                (*shift)++;
        } else {
@@ -332,7 +332,7 @@ int ct_sip_get_info(const struct nf_conn *ct,
        limit = dptr + (dlen - hnfo->lnlen);
-        while (dptr <= limit) {
+        while (dptr < limit) {
                if ((strncmp(dptr, hnfo->lname, hnfo->lnlen) != 0) &&
                    (hnfo->sname == NULL ||
                     strncmp(dptr, hnfo->sname, hnfo->snlen) != 0)) {
author	Patrick McHardy <kaber@trash.net>	2008-03-25 23:10:11 -0400
committer	David S. Miller <davem@davemloft.net>	2008-03-25 23:10:11 -0400
commit	b1ec488b1fb3c7a8819857e3506787516ca1ed4d (patch)
tree	0556796cf13e1f027e36b6d86741f2b4ac6ca4e5
parent	3d244121d88cd9b0baa12c25ff25561e7b4f71cd (diff)

diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c index 0021d5b60cec..016e1c1aafe4 100644 --- a/net/netfilter/nf_conntrack_sip.c +++ b/net/netfilter/nf_conntrack_sip.c
@@ -192,10 +192,10 @@ int ct_sip_lnlen(const char line, const char limit)
192	{	192	{
193	const char *k = line;	193	const char *k = line;
194		194
195	while ((line <= limit) && (line == '\r' \|\| line == '\n'))	195	while ((line < limit) && (line == '\r' \|\| line == '\n'))
196	line++;	196	line++;
197		197
198	while (line <= limit) {	198	while (line < limit) {
199	if (line == '\r' \|\| line == '\n')	199	if (line == '\r' \|\| line == '\n')
200	break;	200	break;
201	line++;	201	line++;
@@ -211,7 +211,7 @@ const char ct_sip_search(const char needle, const char *haystack,
211	{	211	{
212	const char *limit = haystack + (haystack_len - needle_len);	212	const char *limit = haystack + (haystack_len - needle_len);
213		213
214	while (haystack <= limit) {	214	while (haystack < limit) {
215	if (case_sensitive) {	215	if (case_sensitive) {
216	if (strncmp(haystack, needle, needle_len) == 0)	216	if (strncmp(haystack, needle, needle_len) == 0)
217	return haystack;	217	return haystack;
@@ -229,7 +229,7 @@ static int digits_len(const struct nf_conn ct, const char dptr,
229	const char limit, int shift)	229	const char limit, int shift)
230	{	230	{
231	int len = 0;	231	int len = 0;
232	while (dptr <= limit && isdigit(*dptr)) {	232	while (dptr < limit && isdigit(*dptr)) {
233	dptr++;	233	dptr++;
234	len++;	234	len++;
235	}	235	}
@@ -240,7 +240,7 @@ static int digits_len(const struct nf_conn ct, const char dptr,
240	static int skp_digits_len(const struct nf_conn ct, const char dptr,	240	static int skp_digits_len(const struct nf_conn ct, const char dptr,
241	const char limit, int shift)	241	const char limit, int shift)
242	{	242	{
243	for (; dptr <= limit && *dptr == ' '; dptr++)	243	for (; dptr < limit && *dptr == ' '; dptr++)
244	(*shift)++;	244	(*shift)++;
245		245
246	return digits_len(ct, dptr, limit, shift);	246	return digits_len(ct, dptr, limit, shift);
@@ -302,13 +302,13 @@ static int skp_epaddr_len(const struct nf_conn ct, const char dptr,
302	/* Search for @, but stop at the end of the line.	302	/* Search for @, but stop at the end of the line.
303	* We are inside a sip: URI, so we don't need to worry about	303	* We are inside a sip: URI, so we don't need to worry about
304	* continuation lines. */	304	* continuation lines. */
305	while (dptr <= limit &&	305	while (dptr < limit &&
306	dptr != '@' && dptr != '\r' && *dptr != '\n') {	306	dptr != '@' && dptr != '\r' && *dptr != '\n') {
307	(*shift)++;	307	(*shift)++;
308	dptr++;	308	dptr++;
309	}	309	}
310		310
311	if (dptr <= limit && *dptr == '@') {	311	if (dptr < limit && *dptr == '@') {
312	dptr++;	312	dptr++;
313	(*shift)++;	313	(*shift)++;
314	} else {	314	} else {
@@ -332,7 +332,7 @@ int ct_sip_get_info(const struct nf_conn *ct,
332		332
333	limit = dptr + (dlen - hnfo->lnlen);	333	limit = dptr + (dlen - hnfo->lnlen);
334		334
335	while (dptr <= limit) {	335	while (dptr < limit) {
336	if ((strncmp(dptr, hnfo->lname, hnfo->lnlen) != 0) &&	336	if ((strncmp(dptr, hnfo->lname, hnfo->lnlen) != 0) &&
337	(hnfo->sname == NULL \|\|	337	(hnfo->sname == NULL \|\|
338	strncmp(dptr, hnfo->sname, hnfo->snlen) != 0)) {	338	strncmp(dptr, hnfo->sname, hnfo->snlen) != 0)) {