From 416a52ad1c3d8474cedc3688b2bc3121f416e62c Mon Sep 17 00:00:00 2001
From: donat zenichev <dzenichev@sipwise.com>
Date: Tue, 20 Jul 2021 12:16:02 +0300
Subject: [PATCH] TT#130901 pike_check_req() does not work as expected

It's noticed that pike_check_req() does not work as expected,
as a consequence denial of service attacks are not being prevented.

This patch fixes that.

Change-Id: Ic909f2b689cda69e3cc589fd0d3180a0c8e3b92c
---
 debian/patches/series                         |  1 +
 .../upstream/pike-fixed-regression.patch      | 29 +++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 debian/patches/upstream/pike-fixed-regression.patch

diff --git a/debian/patches/series b/debian/patches/series
index 423d2d27b..740805921 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -38,6 +38,7 @@ upstream/permissions-basic-safety-for-concurent-rpc-reload.patch
 upstream/permissions-add-reload_delta-parameter.patch
 upstream/ndb_redis-set-message-level-to-debug-on-reconnect.patch
 upstream/nathelper-don-t-fail-if-a-rtcp-has-no-IP.patch
+upstream/pike-fixed-regression.patch
 ### relevant for upstream
 sipwise/pua_dialoginfo-refresh_pubruri_avps_flag.patch
 sipwise/pua_dialoginfo-local_identity_dlg_var.patch
diff --git a/debian/patches/upstream/pike-fixed-regression.patch b/debian/patches/upstream/pike-fixed-regression.patch
new file mode 100644
index 000000000..9ae5b505e
--- /dev/null
+++ b/debian/patches/upstream/pike-fixed-regression.patch
@@ -0,0 +1,29 @@
+From b62a773c8f0c1daf1aa3d1cd57845d414eea5bac Mon Sep 17 00:00:00 2001
+From: Boris Korzun <korzun@miatel.ru>
+Date: Tue, 25 May 2021 17:14:18 +0300
+Subject: [PATCH] pike: fixed regression - removed unnecessary NULL-return from
+ mark_node() after previous commit
+
+(cherry picked from commit 79fbb7c6df5d4c742b1283b752c2df0f51e77f09)
+---
+ src/modules/pike/ip_tree.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/src/modules/pike/ip_tree.c b/src/modules/pike/ip_tree.c
+index c0324c0476..1fe9227a5f 100644
+--- a/src/modules/pike/ip_tree.c
++++ b/src/modules/pike/ip_tree.c
+@@ -301,10 +301,6 @@ pike_ip_node_t* mark_node(unsigned char *ip,int ip_len,
+ 		}
+ 	}
+ 
+-	if(node==NULL) {
+-		return NULL;
+-	}
+-
+ 	LM_DBG("only first %d were matched!\n",byte_pos);
+ 	*flag = 0;
+ 	*father = 0;
+-- 
+2.25.1
+