nant's projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9930e9a) | patch
dhclient - Be more strict in check_option().
authorAntonio Huete Jimenez <tuxillo@quantumachine.net>
Wed, 1 Aug 2012 19:43:24 +0000 (21:43 +0200)
committerAntonio Huete Jimenez <tuxillo@quantumachine.net>
Sun, 19 Aug 2012 14:30:26 +0000 (16:30 +0200)
commit313ef36c6db715415e5498d028f29a4acae56ea0
tree00375625fb8bfc539db425a2127a05dbf814e93ctree | snapshot
parent9930e9a82403a68e5891a678e5e4d73b6027a30bcommit | diff
dhclient - Be more strict in check_option().

ISC dhclient had a buffer overflow: http://www.kb.cert.org/vuls/id/410676 and
while our dhclient is not vulnerable to that, it got us looking at how the
subnet mask option is handled.
This limits specific ip address options to length 4 in conformance with RFC 2132.

Taken-from: OpenBSD
sbin/dhclient/dhclient.c diff | blob | blame | history
Nuno's DragonFly repo.