[patch] dhclient and dhcpd option handling

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Nick Bender

Subject: [patch] dhclient and dhcpd option handling

Date: Monday, September 8, 2008 - 6:21 pm

There are two calls to bzero with the constant 256 in dhcpd/options.c which
result in incomplete buffer initialization and possible incorrect
option handling -
unintialized stack variables are my favorite non-deterministic error...

Also dhclient shouldn't report requested options "unexpected".

Changes to .h files make option flags consistently unsigned char.

Patch is also at http://nbender.com/dhcp.diff if gmail and demime
don't play nice.

-N
Index: sbin/dhclient/dhclient.c
===================================================================
RCS file: /cvs/src/sbin/dhclient/dhclient.c,v
retrieving revision 1.120
diff -u -p -r1.120 dhclient.c
--- sbin/dhclient/dhclient.c	7 Jun 2008 03:22:26 -0000	1.120
+++ sbin/dhclient/dhclient.c	9 Sep 2008 01:12:03 -0000
@@ -1940,6 +1940,7 @@ check_option(struct client_lease *l, int
 {
 	char *opbuf;
 	char *sbuf;
+	int i;
 
 	/* we use this, since this is what gets passed to dhclient-script */
 
@@ -2028,6 +2029,9 @@ check_option(struct client_lease *l, int
 	case DHO_END:
 		return (1);
 	default:
+		for (i = 0; config->requested_options[i]; i++)
+			if (config->requested_options[i] == option)
+				return (1);
 		warning("unknown dhcp option value 0x%x", option);
 		return (unknown_ok);
 	}
Index: sbin/dhclient/dhcpd.h
===================================================================
RCS file: /cvs/src/sbin/dhclient/dhcpd.h,v
retrieving revision 1.67
diff -u -p -r1.67 dhcpd.h
--- sbin/dhclient/dhcpd.h	26 May 2008 03:11:48 -0000	1.67
+++ sbin/dhclient/dhcpd.h	9 Sep 2008 01:12:03 -0000
@@ -136,8 +136,8 @@ struct client_config {
 	} default_actions[256];
 
 	struct option_data	 send_options[256];
-	u_int8_t		 required_options[256];
-	u_int8_t		 requested_options[256];
+	unsigned char		 required_options[256];
+	unsigned char		 requested_options[256];
 	int			 requested_option_count;
 	time_t			 timeout;
 	time_t			 initial_interval;
Index: usr.sbin/dhcpd/dhcpd.h
===================================================================
RCS file: /cvs/src/usr.sbin/dhcpd/dhcpd.h,v
retrieving revision 1.36
diff -u -p -r1.36 dhcpd.h
--- usr.sbin/dhcpd/dhcpd.h	7 May 2008 12:19:20 -0000	1.36
+++ usr.sbin/dhcpd/dhcpd.h	9 Sep 2008 01:12:27 -0000
@@ -335,8 +335,8 @@ struct client_config {
 	} default_actions[256];
 
 	struct option_data send_options[256]; /* Send these to server. */
-	u_int8_t required_options[256]; /* Options server must supply. */
-	u_int8_t requested_options[256]; /* Options to request from server. */
+	unsigned char required_options[256];  /* Options server must supply. */
+	unsigned char requested_options[256]; /* Options to request from server. */
 	int requested_option_count;	/* Number of requested options. */
 	time_t timeout;			/* Start to panic if we don't get a
 					   lease in this time period when
Index: usr.sbin/dhcpd/options.c
===================================================================
RCS file: /cvs/src/usr.sbin/dhcpd/options.c,v
retrieving revision 1.21
diff -u -p -r1.21 options.c
--- usr.sbin/dhcpd/options.c	16 Apr 2008 00:36:48 -0000	1.21
+++ usr.sbin/dhcpd/options.c	9 Sep 2008 01:12:27 -0000
@@ -207,11 +207,11 @@ void
 create_priority_list(unsigned char *priority_list, unsigned char *prl,
     int prl_len)
 {
-	int stored_list[256];
+	unsigned char stored_list[256];
 	int i, priority_len = 0;
 
-	bzero(stored_list, 256);
-	bzero(priority_list, 256);
+	bzero(stored_list, sizeof(stored_list));
+	bzero(priority_list, sizeof(priority_list));
 
 	/* Some options we don't want on the priority list. */
 	stored_list[DHO_PAD] = 1;

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[patch] dhclient and dhcpd option handling, Nick Bender, (Mon Sep 8, 6:21 pm)

Re: [patch] dhclient and dhcpd option handling, Reyk Floeter, (Sun Aug 9, 3:15 pm)


linux-kernel:
Paul Turner	[tg_shares_up rewrite v4 11/11] sched: update tg->shares after cpu.shares write
Mr. James W. Laferriere	Re: Linux 2.6.25-rc1 , syntax error near unexpected token `;'
Linus Torvalds	Linux 2.6.34-rc4
Colin Cross	[PATCH 12/21] ARM: tegra: Add suspend and hotplug support
Chuck Ebbert	Re: PCI: Unable to reserve mem region problem
git:
Ralf Wildenhues	[PATCH] Fix typos in the documentation
Len Brown	Re: fatal: unable to create '.git/index': File exists
Denis Bueno	Git clone error
Paolo Bonzini	Re: [RFC/PATCH 5/6] revert: add --ff option to allow fast forward when cherry-pick...
Sam Vilain	Re: RFC: Flat directory for notes, or fan-out? Both!
git-commits-head:
Linux Kernel Mailing List	ASoC: fix registration of the SoC card in the Freescale MPC8610 drivers
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	nfsd41: sanity check client drc maxreqs
Linux Kernel Mailing List	bnx2x: Moving includes
Linux Kernel Mailing List	V4L/DVB: gspca - sonixj: Adjust minor values of sensor ov7630. - set the color ga...
openbsd-misc:
Sevan / Venture37	Re: This is what Linus Torvalds calls openBSD crowd
Netmaffia.hu	Tini Lányok AKCIÓBAN OTTHON
Siju George	This is what Linus Torvalds calls openBSD crowd
Darrin Chandler	Re: OT: Python (was Re: vi in /bin)
Sam Fourman Jr.	Re: Help with Altell PC6700
linux-netdev:
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Kurt Van Dijck	Re: [PATCH net-next-2.6 1/2] can: add driver for Softing card
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
Jarek Poplawski	Re: socket api problem: can't bind an ipv6 socket to ::ffff:0.0.0.0
David Miller	Re: [PATCH v2] net: typos in comments in include/linux/igmp.h