From: Patrick McHardy <kaber@trash.net>
To: Jing Min Zhao <zhaojingmin@users.sourceforge.net>
Cc: Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>
Subject: [NETFILTER]: H.323 helper: fix sequence extension parsing
Date: Mon, 22 May 2006 12:46:29 +0200 [thread overview]
Message-ID: <44719685.6000906@trash.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 96 bytes --]
Doesn't really fix the crash I was seeing, but does hide it away :)
Anyway, its a real bug ...
[-- Attachment #2: 02.diff --]
[-- Type: text/plain, Size: 1244 bytes --]
[NETFILTER]: H.323 helper: fix sequence extension parsing
When parsing unknown sequence extensions the "son"-pointer points behind
the last known extension for this type, don't try to interpret it.
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit b3199d41dfddb7521bcc09ab0fc9925b5702c954
tree 7da1d63f6fa658506616cba8621dd1c348ef0c31
parent 27ce42efc29f421d4238c426769f057dd384bd14
author Patrick McHardy <kaber@trash.net> Mon, 22 May 2006 12:40:03 +0200
committer Patrick McHardy <kaber@trash.net> Mon, 22 May 2006 12:40:03 +0200
net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
index 5f4d114..11862f1 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
@@ -555,7 +555,7 @@ int decode_seq(bitstr_t * bs, field_t *
/* Decode the extension components */
for (opt = 0; opt < bmp2_len; opt++, i++, son++) {
- if (son->attr & STOP) {
+ if (i < f->ub && son->attr & STOP) {
PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
son->name);
return H323_ERROR_STOP;
next reply other threads:[~2006-05-22 10:46 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-22 10:46 Patrick McHardy [this message]
2006-05-23 4:31 ` [NETFILTER]: H.323 helper: fix sequence extension parsing Jing Min Zhao
2006-05-23 9:20 ` Patrick McHardy
2006-05-23 15:28 ` Jing Min Zhao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44719685.6000906@trash.net \
--to=kaber@trash.net \
--cc=netfilter-devel@lists.netfilter.org \
--cc=zhaojingmin@users.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.