Google Git
Sign in
kernel/pub/scm/linux/kernel/git/fwestphal/nf/refs/heads/testing
commit
af521b069484c83e8c1c0c4ce25eb6cefff7fdd2
[log]
author
Florian Westphal <fw@strlen.de>
Mon Apr 13 23:43:59 2026 +0200
committer
Florian Westphal <fw@strlen.de>
Fri Apr 17 08:26:33 2026 +0200
tree
14b65658318e8b5ca06ad0d7cf5dcaa74b3e3acc
parent
812bef82406ce61668086ae0d1b102e9878b5542 [diff]
netfilter: nf_conntrack_sip: don't use strtoul_simple

Probably 'safe' because struct shinfo is stored at end of linear data area
and simple_strotul bails out on first character thats not a number.

Prefer a stricter version instead.  There are intentional changes:

- Bail out if number is > UINT_MAX and indicate a failure.
  We don't expect huge values here.

- Bail out if we get more characters than expected, we don't expect
  something like 'expires=9999999999999999999999999999999999'.

- In ct_sip_parse_numerical_param() base 10 is enforced. This is used
  to fetch 'expire=' and 'rports='; both are expected to be base-10 values.

- In nf_nat_sip.c, only accept the parsed value if its within the 1k-64k
  range.

Signed-off-by: Florian Westphal <fw@strlen.de>
2 files changed
tree: 14b65658318e8b5ca06ad0d7cf5dcaa74b3e3acc
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .clippy.toml
  27. .cocciconfig
  28. .editorconfig
  29. .get_maintainer.ignore
  30. .gitattributes
  31. .gitignore
  32. .mailmap
  33. .pylintrc
  34. .rustfmt.toml
  35. COPYING
  36. CREDITS
  37. Kbuild
  38. Kconfig
  39. MAINTAINERS
  40. Makefile
  41. README