dhclient - Be more strict in check_option().
authorAntonio Huete Jimenez <tuxillo@quantumachine.net>
Wed, 1 Aug 2012 19:43:24 +0000 (21:43 +0200)
committerAntonio Huete Jimenez <tuxillo@quantumachine.net>
Wed, 15 Aug 2012 01:22:14 +0000 (03:22 +0200)
commitb3a4979d23b005c95e78f5a53d28f38c0ee8619d
tree6a8b08d8275db166c34744c71e9133d82422ea25
parent4e46f48e87f543ddc8e7d5eb02f0738ff16acd95
dhclient - Be more strict in check_option().

ISC dhclient had a buffer overflow: http://www.kb.cert.org/vuls/id/410676 and
while our dhclient is not vulnerable to that, it got us looking at how the
subnet mask option is handled.
This limits specific ip address options to length 4 in conformance with RFC 2132.

Taken-from: OpenBSD
sbin/dhclient/dhclient.c