Matthias Andree wrote:
You can use "bk receive" to patch with this mail.
BK: Parent repository is bk://linux.bkbits.net/linux-2.5
Patch description:
ChangeSet@1.2427, 2004-11-04 13:00:54+01:00, matthias.andree@gmx.de
Fix ip_conntrack_amanda data corruption bug that breaks amanda dumps.
Fix a bug where the ip_conntrack_amanda module replaces the first LF
after "CONNECT " by a NUL byte. This causes the UDP checksum to become
corrupt and strips off the OPTIONS argument from the received packet,
breaking amanda's sendbackup component altogether. Replace the LF
character before releasing the buffer.
The data that is changed is only a copy, the actual packet is not touched.
Regards Patrick
Signed-off-by: Matthias Andree <matthias.andree@gmx.de>
Matthias Andree
------------------------------------------------------------------------
##### DIFFSTAT ##### ip_conntrack_amanda.c | 12 ++++++++---- 1 files changed, 8 insertions(+), 4 deletions(-)
##### GNUPATCH ##### --- 1.10/net/ipv4/netfilter/ip_conntrack_amanda.c 2004-08-19 02:14:53 +02:00 +++ 1.11/net/ipv4/netfilter/ip_conntrack_amanda.c 2004-11-04 12:59:26 +01:00 @@ -49,7 +49,7 @@ { struct ip_conntrack_expect *exp; struct ip_ct_amanda_expect *exp_amanda_info; - char *amp, *data, *data_limit, *tmp; + char *amp, *data, *data_limit, *tmp, *le = 0; unsigned int dataoff, i; u_int16_t port, len;
@@ -83,9 +83,10 @@ goto out; data += strlen("CONNECT ");
- /* Only search first line. */ - if ((tmp = strchr(data, '\n'))) - *tmp = '\0'; + /* Only search first line. + * NB: The change to the data must be reverted later! */ + if ((le = strchr(data, '\n'))) + *le = '\0';
for (i = 0; i < ARRAY_SIZE(conns); i++) { char *match = strstr(data, conns[i]); @@ -120,6 +121,9 @@ }
out: + /* replace LF character to repair the packet */ + if (le) + *le = '\n'; UNLOCK_BH(&amanda_buffer_lock); return NF_ACCEPT; }
- : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
