From: Patrick McHardy <kaber@trash.net>
Date: Tue, 23 May 2006 22:07:46 +0000 (-0700)
Subject: [NETFILTER]: H.323 helper: fix sequence extension parsing
X-Git-Tag: Ubuntu-5.2.0-15.16~50926
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=4d942d8b39bf7d43ce93d85964aeb63aeace0593;p=mirror_ubuntu-eoan-kernel.git

[NETFILTER]: H.323 helper: fix sequence extension parsing

When parsing unknown sequence extensions the "son"-pointer points behind
the last known extension for this type, don't try to interpret it.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
index 5d04438dda4b..26dfecadb335 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
@@ -555,7 +555,7 @@ int decode_seq(bitstr_t * bs, field_t * f, char *base, int level)
 
 	/* Decode the extension components */
 	for (opt = 0; opt < bmp2_len; opt++, i++, son++) {
-		if (son->attr & STOP) {
+		if (i < f->ub && son->attr & STOP) {
 			PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
 			      son->name);
 			return H323_ERROR_STOP;