ipp2p: fix Gnutella line ending detection

There is another mistake in the code. I have checked the Gnutella
protocol specification -- looks like the line separation is 0x0d-0x0a
and not 0x0a-0x0d (it seemed obvious but I was not sure and thought
they cannot have possibly got that wrong...). It would certainly
explain why I have never seen a match on any of my systems.

diff --git a/doc/changelog.txt b/doc/changelog.txt
index 113bd601bbfa191f623cccde197942a77f964d21..beb1f41d39c4491989e555c26b7d7c099016733c 100644 (file)
--- a/doc/changelog.txt
+++ b/doc/changelog.txt
@@ -2,6 +2,7 @@
 HEAD
 ====
 - ipp2p: add more boundary checks
+- ipp2p: fix Gnutelle line ending detection
 
 
 Xtables-addons 1.19 (October 12 2009)

diff --git a/extensions/xt_ipp2p.c b/extensions/xt_ipp2p.c
index 0f5c55f3304d2b11338663d7a6305ee4e6626c38..32d91c9d94e1bfdfa86b5bad98043204583fd1f6 100644 (file)
--- a/extensions/xt_ipp2p.c
+++ b/extensions/xt_ipp2p.c
@@ -586,8 +586,8 @@ search_all_gnu(const unsigned char *payload, const unsigned int plen)
                        unsigned int c;
 
                        for (c = 0; c < plen - 22; ++c)
-                               if (payload[c] == 0x0a &&
-                                   payload[c+1] == 0x0d &&
+                               if (payload[c] == 0x0d &&
+                                   payload[c+1] == 0x0a &&
                                    (memcmp(&payload[c+2], "X-Gnutella-", 11) == 0 ||
                                    memcmp(&payload[c+2], "X-Queue:", 8) == 0))
                                        return IPP2P_GNU * 100 + 3;