From 4cdfd496376ca9ae2ed9ea70df22a2c672fcfc01 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt
Date: Sat, 10 Jan 2009 06:11:13 +0100
Subject: [PATCH] ipp2p: add boundary check in search_all_kazaa

To avoid underflow on "end - 18", we must check for plen >= 18.
---
 extensions/xt_ipp2p.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/extensions/xt_ipp2p.c b/extensions/xt_ipp2p.c
index 16203f9..3c5f238 100644
--- a/extensions/xt_ipp2p.c
+++ b/extensions/xt_ipp2p.c
@@ -623,6 +623,10 @@ search_all_kazaa(const unsigned char *payload, const unsigned int plen)
 if (memcmp(payload, "GET /", 5) != 0)
 return 0;
+ if (plen < 18)
+ /* The next tests would not succeed anyhow. */
+ return 0;
+ end = plen - 18;
 rem = plen - 5;
 for (c = 5; c < end; ++c, --rem) {
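Review bot: The comment on the new guard (`/* The next tests would not succeed anyhow. */`) presents it as a shortcut, but per the commit message it is what keeps `end = plen - 18` from wrapping around, since `plen` is unsigned; a wrapped `end` would presumably let the `for (c = 5; c < end; ...)` scan index `payload` far beyond its length. I would state that in the code so the check is not later dropped as a redundant optimisation, e.g. `/* plen - 18 below must not wrap (plen is unsigned), or the scan would run past the payload. */`. Because the `if` body is a comment followed by a statement, braces around it (or the comment moved above the `if`) would also make it harder to misread. The body of search_all_kazaa starts before and continues after this hunk, so the loop body and any earlier `plen >= 5` check that `rem = plen - 5` relies on are not visible here.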