From: krw Date: Fri, 5 Aug 2016 14:02:23 +0000 (+0000) Subject: Don't leak the option data of non-DHCPINFORM messages received on X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=94bf53e6bc0173179c29ffa553cab2f2f9e0534f;p=openbsd Don't leak the option data of non-DHCPINFORM messages received on the udp socket. Found by David Carlier. ok yasuoka@ --- diff --git a/usr.sbin/dhcpd/dhcp.c b/usr.sbin/dhcpd/dhcp.c index 18dc8c40a38..2bef0107575 100644 --- a/usr.sbin/dhcpd/dhcp.c +++ b/usr.sbin/dhcpd/dhcp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhcp.c,v 1.45 2016/02/06 23:50:10 krw Exp $ */ +/* $OpenBSD: dhcp.c,v 1.46 2016/08/05 14:02:23 krw Exp $ */ /* * Copyright (c) 1995, 1996, 1997, 1998, 1999 @@ -62,11 +62,17 @@ int outstanding_pings; static char dhcp_message[256]; void -dhcp(struct packet *packet) +dhcp(struct packet *packet, int is_udpsock) { if (!locate_network(packet) && packet->packet_type != DHCPREQUEST) return; + if (is_udpsock && packet->packet_type != DHCPINFORM) { + note("Unable to handle a DHCP message type=%d on UDP " + "socket", packet->packet_type); + return; + } + switch (packet->packet_type) { case DHCPDISCOVER: dhcpdiscover(packet); diff --git a/usr.sbin/dhcpd/dhcpd.h b/usr.sbin/dhcpd/dhcpd.h index 4cc611d4283..28a53741a9b 100644 --- a/usr.sbin/dhcpd/dhcpd.h +++ b/usr.sbin/dhcpd/dhcpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dhcpd.h,v 1.53 2016/02/06 23:50:10 krw Exp $ */ +/* $OpenBSD: dhcpd.h,v 1.54 2016/08/05 14:02:23 krw Exp $ */ /* * Copyright (c) 1995, 1996, 1997, 1998, 1999 @@ -532,7 +532,7 @@ int tree_evaluate(struct tree_cache *); /* dhcp.c */ extern int outstanding_pings; -void dhcp(struct packet *); +void dhcp(struct packet *, int); void dhcpdiscover(struct packet *); void dhcprequest(struct packet *); void dhcprelease(struct packet *); diff --git a/usr.sbin/dhcpd/options.c b/usr.sbin/dhcpd/options.c index 5ca9a4383fb..ce9c7ff30ba 100644 --- a/usr.sbin/dhcpd/options.c +++ b/usr.sbin/dhcpd/options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: options.c,v 1.30 2016/02/06 23:50:10 krw Exp $ */ +/* $OpenBSD: options.c,v 1.31 2016/08/05 14:02:23 krw Exp $ */ /* DHCP options parsing and reassembly. */ @@ -547,15 +547,8 @@ do_packet(struct interface_info *interface, struct dhcp_packet *packet, tp.options[DHO_DHCP_MESSAGE_TYPE].data) tp.packet_type = tp.options[DHO_DHCP_MESSAGE_TYPE].data[0]; - if (interface->is_udpsock) { - if (tp.packet_type != DHCPINFORM) { - note("Unable to handle a DHCP message type=%d on UDP " - "socket", tp.packet_type); - return; - } - } if (tp.packet_type) - dhcp(&tp); + dhcp(&tp, interface->is_udpsock); else bootp(&tp);