netfilter buglog - Jan 2007 - [Bug 532] New: ip_nat_sip rewrote Call-ID instead of Contact - patch attached

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=532

           Summary: ip_nat_sip rewrote Call-ID instead of Contact - patch
                    attached
           Product: netfilter/iptables
           Version: linux-2.6.x
          Platform: All
               URL: http://ibp.de/
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ip_conntrack
        AssignedTo: laforge@netfilter.org
        ReportedBy: lars@ibp.de


A softphone (SJPhone) in my nat'ed network couldn't complete outgoing
calls. I would get initial audio,
but the call was never connected as far as the softphone was concerned.

Analysis showed that ip_nat_sip rewrote the IP-Address in the Call-ID: instead
of the IP-Address in the
Contact: header. 

The problem is in ip_conntrack_sip.c:skp_epaddr_len: it searches for the next @
to skip the username,
but does not stop at the end of the header line.

In my case, SJPhone sends a Contact without a username, and the next @ was in
the Call-ID header.

Attached is a (trivial) fix. 

The fix should be safe, even in the presence of clients that use continuation
lines.

--- ip_conntrack_sip.orig	2007-01-18 01:25:24.000000000 +0100
+++ ip_conntrack_sip.c	2007-01-18 01:24:31.000000000 +0100
@@ -247,8 +247,10 @@
 {
 	int s = *shift;
 
-	for (; dptr <= limit && *dptr != '@'; dptr++)
+	// Search for @, but stop at the end of the line
+	for (; dptr <= limit && *dptr != '@' && 
+			 *dptr != '\r' && *dptr != '\n'; dptr++)
 		(*shift)++;
 
 	if (*dptr == '@') {

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.