netfilter: nf_conntrack_sip: fix ct_sip_parse_request() REGISTER request parsing
author Patrick McHardy <kaber@trash.net>
Thu, 11 Feb 2010 11:23:12 +0000 (12:23 +0100)
committer Patrick McHardy <kaber@trash.net>
Thu, 11 Feb 2010 11:23:12 +0000 (12:23 +0100)
When requests are parsed, the "sip:" part of the SIP URI should be skipped.

Usually this doesn't matter because address parsing skips forward until after
the username part, but in the case of REGISTER requests it doesn't contain a username
and the address cannot be parsed.

Signed-off-by: Patrick McHardy <kaber@trash.net>
net/netfilter/nf_conntrack_sip.c

index 419c5cabb332ccbbea6823c2d92488bde9bb4fd7..0ca2f2b5c2fae00b1f0ef1ce2bfa728986134eb4 100644 (file)
@@ -236,12 +236,13 @@ int ct_sip_parse_request(const struct nf_conn *ct,
                return 0;
 
        /* Find SIP URI */
-       limit -= strlen("sip:");
-       for (; dptr < limit; dptr++) {
+       for (; dptr < limit - strlen("sip:"); dptr++) {
                if (*dptr == '\r' || *dptr == '\n')
                        return -1;
-               if (strnicmp(dptr, "sip:", strlen("sip:")) == 0)
+               if (strnicmp(dptr, "sip:", strlen("sip:")) == 0) {
+                       dptr += strlen("sip:");
                        break;
+               }
        }
        if (!skp_epaddr_len(ct, dptr, limit, &shift))
                return 0;
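
Review bot: The scan loop still falls through to skp_epaddr_len() when no "sip:" is found: only the match branch advances dptr and breaks, so after the loop the code cannot tell a match from running out of buffer, and it relies on skp_epaddr_len() rejecting whatever dptr points at. Consider returning 0 explicitly when the loop ends without a match (for example by checking dptr against limit - strlen("sip:") after the loop), so the address parser is only ever handed a pointer just past a real "sip:" prefix. Separately, dropping `limit -= strlen("sip:");` means skp_epaddr_len() now receives the full limit rather than one shortened by four bytes; that looks like the right bound for address parsing, but it is a behaviour change for every request type, not only REGISTER, and the commit message should say so.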