--- /dev/null
+From bc73e38cee0626945a70cb0c2d873aaae3795130 Mon Sep 17 00:00:00 2001
+From: Patrick McHardy <kaber@trash.net>
+Date: Fri, 5 Apr 2013 08:13:30 +0000
+Subject: netfilter: nf_ct_sip: don't drop packets with offsets pointing outside the packet
+
+From: Patrick McHardy <kaber@trash.net>
+
+commit 3a7b21eaf4fb3c971bdb47a98f570550ddfe4471 upstream.
+
+Some Cisco phones create huge messages that are spread over multiple packets.
+After calculating the offset of the SIP body, it is validated to be within
+the packet and the packet is dropped otherwise. This breaks operation of
+these phones. Since connection tracking is supposed to be passive, just let
+those packets pass unmodified and untracked.
+
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Cc: William Roberts <bill.c.roberts@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/netfilter/nf_conntrack_sip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/netfilter/nf_conntrack_sip.c
++++ b/net/netfilter/nf_conntrack_sip.c
+@@ -1468,7 +1468,7 @@ static int sip_help_tcp(struct sk_buff *
+
+ msglen = origlen = end - dptr;
+ if (msglen > datalen)
+- return NF_DROP;
++ return NF_ACCEPT;
+
+ ret = process_sip_msg(skb, ct, dataoff, &dptr, &msglen);
+ if (ret != NF_ACCEPT)
pci-fix-truncation-of-resource-size-to-32-bits.patch
usb-add-new-zte-3g-dongle-s-pid-to-option.c.patch
alsa-hda-move-one-time-init-codes-from-generic_hdmi_init.patch
+netfilter-nf_ct_sip-don-t-drop-packets-with-offsets-pointing-outside-the-packet.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
