rpm/dhcp
SHA256
1
0
Fork 0
forked from pool/dhcp
Code Pull Requests Activity
28d0dd7c50
dhcp/0020-dhcp-4.x.x-fixed-improper-lease-duration-checking.patch
Nirmoy Das 30d0a54ed0 - Update to dhcp-4.3.3-P1 correcting bounds checking when 
receiving a packet (bsc#961305,CVE-2015-8605,ISC-Bugs#41267).
- adjusted interval check.
  [*0019-dhcp-4.2.4-P1-interval.patch]
- Fixed improper lease duration checking. Also added fixes for integer
  overflows in the date and time handling code(bsc#936923, bsc#880984).
  [+0020-dhcp-4.x.x-fixed-improper-lease-duration-checking.patch]
- fixed service files to start dhcpd after slapd (bsc#956159)
- dhclient-script: complain in the log about conflicts, added
  a see log messages to the dhclient log message (bsc#960506)
  [* 0018-client-fail-on-script-pre-init-error-bsc-912098.patch]

OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=163
2016-01-26 16:59:05 +00:00

72 lines
2.1 KiB
Diff
Raw Blame History

From: Marius Tomaschewski <mt@suse.de>
Date: Tue, 12 Jan 2016 15:42:22 +0100
Subject: [PATCH] fixed improper lease duration checking.
References: bsc#936923, bsc#880984
year 2038 is EOT only for 32 bit machine. This patch checks
wordsize and do a proper EOT checking on lease duration. It
also fixes integer overflows in the date and time handling code.
diff --git a/common/parse.c b/common/parse.c
index 22e7d58..e9e53a4 100644
--- a/common/parse.c
+++ b/common/parse.c
@@ -939,7 +939,7 @@ TIME
parse_date_core(cfile)
struct parse *cfile;
{
- int guess;
+ long guess;
int tzoff, year, mon, mday, hour, min, sec;
const char *val;
enum dhcp_token token;
@@ -966,7 +966,7 @@ parse_date_core(cfile)
}
skip_token(&val, NULL, cfile); /* consume number */
- guess = atoi(val);
+ guess = atol(val);
return((TIME)guess);
}
@@ -1113,11 +1113,22 @@ parse_date_core(cfile)
* overflow issues. We could try and be more precise but there
* doesn't seem to be a good reason to worry about it and waste
* the cpu looking at the rest of the date. */
- if (year >= 138)
- return(MAX_TIME);
-
+ if (sizeof(time_t) == 8) {
+ /* 2038 is not an issue on 64bit. time calculations
+ * start to fail at almost INT_MAX (- some guard) */
+ if (year > 0x7fff0000)
+ return(MAX_TIME);
+ } else {
+ /* assume 32bit with end in 2038 */
+ if (year >= 138)
+ return(MAX_TIME);
+ }
+ /* I don't think we need to care about lease starts before 1900 */
+ if (year < 0)
+ return((TIME)0);
+
/* Guess the time value... */
- guess = ((((((365 * (year - 70) + /* Days in years since '70 */
+ guess = ((((((365 * ((long)year - 70) + /* Days in years since '70 */
(year - 69) / 4 + /* Leap days since '70 */
(mon /* Days in months this year */
? months [mon - 1]
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 4270edc..1af4c5b 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -1561,7 +1561,7 @@ typedef unsigned char option_mask [16];
#define DHCPD_LOG_FACILITY LOG_DAEMON
#endif
-#define MAX_TIME 0x7fffffff
+#define MAX_TIME LONG_MAX
#define MIN_TIME 0
#ifdef USE_LOG_PID
View Git Blame Copy Permalink