Re: [PATCH v2] nf_conntrack_sip: extend request line validation

Hello,

2016-10-24 18:07 GMT+02:00 Ulrich Weber <ulrich.weber@xxxxxxxxxxxx>:
> on SIP requests, so a fragmented TCP SIP packet from an allow header starting with
>  INVITE,NOTIFY,OPTIONS,REFER,REGISTER,UPDATE,SUBSCRIBE
>  Content-Length: 0
>
> will not be interpreted as an INVITE request. Also Request-URI must start with an alphabetic character.
>
> Confirm with RFC 3261
>  Request-Line   =  Method SP Request-URI SP SIP-Version CRLF
>
> Signed-off-by: Ulrich Weber <ulrich.weber@xxxxxxxxxxxx>

Looks ok to me.

Acked-by: Marco Angaroni <marcoangaroni@xxxxxxxxx>

> ---
>  net/netfilter/nf_conntrack_sip.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c
> index 7700556..df773d6 100644
> --- a/net/netfilter/nf_conntrack_sip.c
> +++ b/net/netfilter/nf_conntrack_sip.c
> @@ -1436,9 +1436,12 @@ static int process_sip_request(struct sk_buff *skb, unsigned int protoff,
>                 handler = &sip_handlers[i];
>                 if (handler->request == NULL)
>                         continue;
> -               if (*datalen < handler->len ||
> +               if (*datalen < handler->len + 2 ||
>                     strncasecmp(*dptr, handler->method, handler->len))
>                         continue;
> +               if ((*dptr)[handler->len] != ' ' ||
> +                   !isalpha((*dptr)[handler->len+1]))
> +                       continue;
>
>                 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_CSEQ,
>                                       &matchoff, &matchlen) <= 0) {
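
Review bot: in the added test, `handler->len+1` should be spelled `handler->len + 1`, matching the spacing of `handler->len + 2` in the length check above it. That `+ 2` bound exists only to cover the two bytes the new test reads (the SP after the method and the first Request-URI character), so a one-line comment tying them together would keep a later edit from changing one without the other. The new `if` could also be folded into the preceding condition so that all the reasons for skipping a handler sit in one place.
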
> --
> 2.7.4
>