From: Jan Engelhardt <jengelh@medozas.de>
Date: Sat, 10 Jan 2009 05:11:13 +0000 (+0100)
Subject: ipp2p: add boundary check in search_all_kazaa
X-Git-Tag: v1.8~3^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4cdfd496376ca9ae2ed9ea70df22a2c672fcfc01;p=thirdparty%2Fxtables-addons.git

ipp2p: add boundary check in search_all_kazaa

To avoid underflow on "end - 18", we must check for plen >= 18.
---

diff --git a/extensions/xt_ipp2p.c b/extensions/xt_ipp2p.c
index 16203f9..3c5f238 100644
--- a/extensions/xt_ipp2p.c
+++ b/extensions/xt_ipp2p.c
@@ -623,6 +623,10 @@ search_all_kazaa(const unsigned char *payload, const unsigned int plen)
 	if (memcmp(payload, "GET /", 5) != 0)
 		return 0;
 
+	if (plen < 18)
+		/* The next tests would not succeed anyhow. */
+		return 0;
+
 	end = plen - 18;
 	rem = plen - 5;
 	for (c = 5; c < end; ++c, --rem) {