[NETFILTER]: SIP conntrack: fix out of bounds memory access

When checking for an @-sign in skp_epaddr_len, make sure not to
run over the packet boundaries.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Patrick McHardy 2007-01-30 14:25:24 -08:00 committed by David S. Miller
parent 7da5bfbb12
commit adcb471110
2 changed files with 2 additions and 2 deletions

View file

@ -292,7 +292,7 @@ static int skp_epaddr_len(const char *dptr, const char *limit, int *shift)
dptr++;
}
if (*dptr == '@') {
if (dptr <= limit && *dptr == '@') {
dptr++;
(*shift)++;
} else

View file

@ -312,7 +312,7 @@ static int skp_epaddr_len(struct nf_conn *ct, const char *dptr,
dptr++;
}
if (*dptr == '@') {
if (dptr <= limit && *dptr == '@') {
dptr++;
(*shift)++;
} else