[conntrack-tools PATCH] conntrackd: cthelper: ssdp: Fix parsing of IPv6 M-SEARCH requests.

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [conntrack-tools PATCH] conntrackd: cthelper: ssdp: Fix parsing of IPv6 M-SEARCH requests.
@ 2022-01-08  7:32 Aaron Thompson
  2022-01-09 16:22 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Aaron Thompson @ 2022-01-08  7:32 UTC (permalink / raw)
  To: netfilter-devel; +Cc: Aaron Thompson

Use the already correctly determined transport header offset instead of
assuming that the packet is IPv4.

Signed-off-by: Aaron Thompson <dev@aaront.org>
---
 src/helpers/ssdp.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/src/helpers/ssdp.c b/src/helpers/ssdp.c
index 56526f4..0c6f563 100644
--- a/src/helpers/ssdp.c
+++ b/src/helpers/ssdp.c
@@ -48,7 +48,6 @@
 #include <errno.h>
 #include <stdlib.h>
 #include <arpa/inet.h>
-#include <netinet/ip.h>
 #define _GNU_SOURCE
 #include <netinet/tcp.h>
 #include <netinet/udp.h>
@@ -159,11 +158,9 @@ static int handle_ssdp_new(struct pkt_buff *pkt, uint32_t protoff,
 {
 	int ret = NF_ACCEPT;
 	union nfct_attr_grp_addr daddr, saddr, taddr;
-	struct iphdr *net_hdr = (struct iphdr *)pktb_network_header(pkt);
 	int good_packet = 0;
 	struct nf_expect *exp;
 	uint16_t port;
-	unsigned int dataoff;
 	void *sb_ptr;
 
 	cthelper_get_addr_dst(myct->ct, MYCT_DIR_ORIG, &daddr);
@@ -201,13 +198,12 @@ static int handle_ssdp_new(struct pkt_buff *pkt, uint32_t protoff,
 	}
 
 	/* No data? Ignore */
-	dataoff = net_hdr->ihl*4 + sizeof(struct udphdr);
-	if (dataoff >= pktb_len(pkt)) {
+	if (protoff + sizeof(struct udphdr) >= pktb_len(pkt)) {
 		pr_debug("ssdp_help: UDP payload too small for M-SEARCH; ignoring\n");
 		return NF_ACCEPT;
 	}
 
-	sb_ptr = pktb_network_header(pkt) + dataoff;
+	sb_ptr = pktb_network_header(pkt) + protoff + sizeof(struct udphdr);
 
 	if (memcmp(sb_ptr, SSDP_M_SEARCH, SSDP_M_SEARCH_SIZE) != 0) {
 		pr_debug("ssdp_help: UDP payload does not begin with 'M-SEARCH'; ignoring\n");
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [conntrack-tools PATCH] conntrackd: cthelper: ssdp: Fix parsing of IPv6 M-SEARCH requests.
  2022-01-08  7:32 [conntrack-tools PATCH] conntrackd: cthelper: ssdp: Fix parsing of IPv6 M-SEARCH requests Aaron Thompson
@ 2022-01-09 16:22 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2022-01-09 16:22 UTC (permalink / raw)
  To: Aaron Thompson; +Cc: netfilter-devel

On Sat, Jan 08, 2022 at 07:32:47AM +0000, Aaron Thompson wrote:
> Use the already correctly determined transport header offset instead of
> assuming that the packet is IPv4.

Applied, thanks

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2022-01-09 16:22 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-01-08  7:32 [conntrack-tools PATCH] conntrackd: cthelper: ssdp: Fix parsing of IPv6 M-SEARCH requests Aaron Thompson
2022-01-09 16:22 ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).