system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-11-05 18:23:50 +00:00
Code Issues Projects Releases Packages Wiki Activity

netfilter: nf_conntrack_h323: fix off-by-one in DecodeQ931

Browse source 
This patch corrects an off-by-one error in the DecodeQ931 function in
the nf_conntrack_h323 module. This error could result in reading off
the end of a Q.931 frame.

Signed-off-by: Toby DiPasquale <toby@cbcg.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Toby DiPasquale 2016-07-11 11:32:45 +01:00 committed by Pablo Neira Ayuso
parent c080b460df
commit c2b9b4fee8
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
net/netfilter/nf_conntrack_h323_asn1.c
View file

@ -846,9 +846,10 @@ int DecodeQ931(unsigned char *buf, size_t sz, Q931 *q931)
sz -= len;
/* Message Type */
if (sz < 1)
if (sz < 2)
return H323_ERROR_BOUND;
q931->MessageType = *p++;
sz--;
PRINT("MessageType = %02X\n", q931->MessageType);
if (*p & 0x80) {
p++;