matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

[cherry-pick][201911] Fix dhcp option buffer issue (#12520)

Browse Source 
Why I did it
#12033

How I did it
How to verify it
This commit is contained in:
ganglv 2022-10-28 14:27:47 +08:00 committed by GitHub
parent fc1295bdcc
commit f9dddfb106
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
src/isc-dhcp/patch/0014-Fix-dhcrelay-agent-option-buffer-pointer-logic.patch Normal file
View File

@ -0,0 +1,53 @@
From 0a2f9a62bceb90b0d30461add2e25c4ce7a24547 Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Fri, 20 Dec 2019 10:11:54 -0500
Subject: [PATCH] [#71] Fix dhcrelay agent option buffer pointer logic
relay/dhcrelay.c
strip_relay_agent_options()
strip_relay_agent_options()
- corrected buffer pointer logic
---
relay/dhcrelay.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
index 896e1e2e..980dacae 100644
--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
@@ -1065,8 +1065,13 @@ strip_relay_agent_options(struct interface_info *in,
return (0);
if (sp != op) {
- memmove(sp, op, op[1] + 2);
- sp += op[1] + 2;
+ size_t mlen = op[1] + 2;
+ memmove(sp, op, mlen);
+ sp += mlen;
+ if (sp > max) {
+ return (0);
+ }
+
op = nextop;
} else
op = sp = nextop;
@@ -1168,8 +1168,13 @@ add_relay_agent_options(struct interface_info *ip, struct dhcp_packet *packet,
end_pad = NULL;
if (sp != op) {
- memmove(sp, op, op[1] + 2);
- sp += op[1] + 2;
+ size_t mlen = op[1] + 2;
+ memmove(sp, op, mlen);
+ sp += mlen;
+ if (sp > max) {
+ return (0);
+ }
+
op = nextop;
} else
op = sp = nextop;
--
2.17.1

1
src/isc-dhcp/patch/series
View File

@ -12,3 +12,4 @@
0011-interface-name-maxlen-crash.patch 0011-interface-name-maxlen-crash.patch
0012-Don-t-skip-down-interfaces-when-discovering-interfac.patch 0012-Don-t-skip-down-interfaces-when-discovering-interfac.patch
0013-add-option-si-to-support-using-src-intf-ip-in-relay.patch 0013-add-option-si-to-support-using-src-intf-ip-in-relay.patch
0014-Fix-dhcrelay-agent-option-buffer-pointer-logic.patch