b4232a22776aa5d063f890d21ca69870dbbe431b |
|
04-Apr-2011 |
David Sterba <dsterba@suse.cz> |
netfilter: h323: bug in parsing of ASN1 SEQOF field Static analyzer of clang found a dead store which appears to be a bug in reading count of items in SEQOF field, only the lower byte of word is stored. This may lead to corrupted read and communication shutdown. The bug has been in the module since it's first inclusion into linux kernel. [Patrick: the bug is real, but without practical consequence since the largest amount of sequence-of members we parse is 30.] Signed-off-by: David Sterba <dsterba@suse.cz> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
905e3e8ec5899ae618846c9ac6f38dd6c22e604e |
|
31-Jan-2008 |
Jan Engelhardt <jengelh@computergmbh.de> |
[NETFILTER]: nf_conntrack_h323: constify and annotate H.323 helper Constify data tables (predominantly in nf_conntrack_h323_types.c, but also a few in nf_conntrack_h323_asn1.c) and use const qualifiers on variables where possible in the h323 sources. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
1f807d6eb3f1e99fe6ff9ce3e12f1fbbc0a2f5c5 |
|
31-Jan-2008 |
Jan Engelhardt <jengelh@computergmbh.de> |
[NETFILTER]: nf_conntrack_h323: clean up code a bit -total: 81 errors, 3 warnings, 876 lines checked +total: 44 errors, 3 warnings, 876 lines checked There is still work to be done, but that's for another patch. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
dc64d02ba8559ed09f49697aedfb1f6a1ab5909d |
|
31-Jan-2008 |
Stephen Hemminger <shemminger@vyatta.com> |
[NETFILTER]: nf_conntrack_h3223: sparse fixes Sparse complains when a function is not really static. Putting static on the function prototype is not enough. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
e79ec50b9587c175f65f98550d66ad5b96c05dd9 |
|
18-Dec-2007 |
Jan Engelhardt <jengelh@computergmbh.de> |
[NETFILTER]: Parenthesize macro parameters Parenthesize macro parameters. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
558585aad0c0ef83d3d14a1c7576b1e404ca1fbc |
|
08-Jul-2007 |
Jing Min Zhao <zhaojingmin@vivecode.com> |
[NETFILTER]: nf_conntrack_h323: check range first in sequence extension Check range before checking STOP flag. This optimization may save a nanosecond or less :) Signed-off-by: Jing Min Zhao <zhaojingmin@vivecode.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
25845b5155b55cd77e42655ec24161ba3feffa47 |
|
06-Jul-2007 |
Jing Min Zhao <zhaojingmin@vivecode.com> |
[NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values Choices' index values may be out of range while still encoded in the fixed length bit-field. This bug may cause access to undefined types (NULL pointers) and thus crashes (Reported by Zhongling Wen). This patch also adds checking of decode flag when decoding SEQUENCEs. Signed-off-by: Jing Min Zhao <zhaojingmin@vivecode.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
f587de0e2feb9eb9b94f98d0a7b7437e4d6617b4 |
|
03-Dec-2006 |
Patrick McHardy <kaber@trash.net> |
[NETFILTER]: nf_conntrack/nf_nat: add H.323 helper port Add IPv4 and IPv6 capable nf_conntrack port of the H.323 conntrack/NAT helper. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|