Patch "netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value." has been added to the 4.19-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sun, 9 Jul 2023 02:39:22 -0400

This is a note to let you know that I've just added the patch titled

    netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.

to the 4.19-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     netfilter-nf_conntrack_sip-fix-the-ct_sip_parse_nume.patch
and it can be found in the queue-4.19 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit c40874c71ae6f5e26f1958101a5a7dd1d049899f
Author: Ilia.Gavrilov <Ilia.Gavrilov@xxxxxxxxxxx>
Date:   Fri Jun 23 11:23:46 2023 +0000

    netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
    
    [ Upstream commit f188d30087480eab421cd8ca552fb15f55d57f4d ]
    
    ct_sip_parse_numerical_param() returns only 0 or 1 now.
    But process_register_request() and process_register_response() imply
    checking for a negative value if parsing of a numerical header parameter
    failed.
    The invocation in nf_nat_sip() looks correct:
            if (ct_sip_parse_numerical_param(...) > 0 &&
                ...) { ... }
    
    Make the return value of the function ct_sip_parse_numerical_param()
    a tristate to fix all the cases
    a) return 1 if value is found; *val is set
    b) return 0 if value is not found; *val is unchanged
    c) return -1 on error; *val is undefined
    
    Found by InfoTeCS on behalf of Linux Verification Center
    (linuxtesting.org) with SVACE.
    
    Fixes: 0f32a40fc91a ("[NETFILTER]: nf_conntrack_sip: create signalling expectations")
    Signed-off-by: Ilia.Gavrilov <Ilia.Gavrilov@xxxxxxxxxxx>
    Reviewed-by: Simon Horman <simon.horman@xxxxxxxxxxxx>
    Reviewed-by: Florian Westphal <fw@xxxxxxxxx>
    Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c
index 046f118dea06b..d16aa43ebd4d6 100644
--- a/net/netfilter/nf_conntrack_sip.c
+++ b/net/netfilter/nf_conntrack_sip.c
@@ -605,7 +605,7 @@ int ct_sip_parse_numerical_param(const struct nf_conn *ct, const char *dptr,
 	start += strlen(name);
 	*val = simple_strtoul(start, &end, 0);
 	if (start == end)
-		return 0;
+		return -1;
 	if (matchoff && matchlen) {
 		*matchoff = start - dptr;
 		*matchlen = end - start;






