635ee34503
An option refcount overflow exists in dhcpd - bsc#1203989, CVE-2022-2929, dhcp-CVE-2022-2929.patch: DHCP memory leak OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=248
24 lines
597 B
Diff
24 lines
597 B
Diff
--- common/options.c.orig
|
|
+++ common/options.c
|
|
@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_
|
|
while (s < &bp -> data[0] + length + 2) {
|
|
len = *s;
|
|
if (len > 63) {
|
|
- log_info ("fancy bits in fqdn option");
|
|
- return 0;
|
|
+ log_info ("label length exceeds 63 in fqdn option");
|
|
+ goto bad;
|
|
}
|
|
if (len == 0) {
|
|
terminated = 1;
|
|
break;
|
|
}
|
|
if (s + len > &bp -> data [0] + length + 3) {
|
|
- log_info ("fqdn tag longer than buffer");
|
|
- return 0;
|
|
+ log_info ("fqdn label longer than buffer");
|
|
+ goto bad;
|
|
}
|
|
|
|
if (first_len == 0) {
|