Re: [BK PATCH] Fix ip_conntrack_amanda data corruption bug that breaksamanda dumps

[Pablo Neira]

Patrick McHardy wrote:

> Pablo Neira wrote:
>
> > Patrick, what about this? this way we save a copy to a buffer for 
> > linear skbs.
> >
> > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxx>
> >
> > @@ -74,12 +75,17 @@
> >                  skb->len - dataoff, amanda_buffer);
> >     BUG_ON(amp == NULL);
> >     data = amp;
> > -    data_limit = amp + skb->len - dataoff;
> > -    *data_limit = '\0';
> >
> >     /* Search for the CONNECT string */
> > -    data = strstr(data, "CONNECT ");
> > -    if (!data)
> > +    while((data = memchr(data, 'C', skb->len - dataoff)) != NULL) {
> > +        if (strncmp(data, "CONNECT ", 8) == 0) {
> >  
> What if the C is the last byte ? There are also more str* commands below
> that need a terminating 0-byte.


you both are right. Patrick's patch is the best way to fix this problem.

Pablo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/