rpm/dhcp
SHA256
1
0
Fork 0
forked from pool/dhcp
Code Pull Requests Activity
e4de661e19
dhcp/0019-dhcp-4.2.4-P1-interval.patch
Nirmoy Das 30d0a54ed0 - Update to dhcp-4.3.3-P1 correcting bounds checking when 
receiving a packet (bsc#961305,CVE-2015-8605,ISC-Bugs#41267).
- adjusted interval check.
  [*0019-dhcp-4.2.4-P1-interval.patch]
- Fixed improper lease duration checking. Also added fixes for integer
  overflows in the date and time handling code(bsc#936923, bsc#880984).
  [+0020-dhcp-4.x.x-fixed-improper-lease-duration-checking.patch]
- fixed service files to start dhcpd after slapd (bsc#956159)
- dhclient-script: complain in the log about conflicts, added
  a see log messages to the dhclient log message (bsc#960506)
  [* 0018-client-fail-on-script-pre-init-error-bsc-912098.patch]

OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=163
2016-01-26 16:59:05 +00:00

51 lines
1.8 KiB
Diff
Raw Blame History

commit 9a312e3cd914da2b6f32651c94d1d1d4fb0bf359
Author: Jiri Popelka <jpopelka@redhat.com>
Date: Fri Jul 27 10:00:49 2012 +0200
isc_time_nowplusinterval() is not safe with 64-bit time_t (#662254, #789601)
References: bsc#947780, bsc#880984
Index: dhcp-4.2.4-P2/common/dispatch.c
===================================================================
--- dhcp-4.2.4-P2.orig/common/dispatch.c
+++ dhcp-4.2.4-P2/common/dispatch.c
@@ -320,7 +320,20 @@ void add_timeout (when, where, what, ref
q->next = timeouts;
timeouts = q;
- isc_interval_set(&interval, sec & DHCP_SEC_MAX, usec * 1000);
+ /* isc_time_nowplusinterval() is not safe with 64-bit time_t and will
+ * return an error for sufficiently large intervals. We have to limit
+ * the interval to INT_MAX or less to ensure the interval doesn't
+ * overflow 32 bits, since the returned isc_time_t fields are
+ * 32-bit unsigned ints.
+ *
+ * HACK: The 9 is a magic number of seconds, since some time may have
+ * gone by since the last call to gettimeofday() and the one in
+ * isc_time_nowplusinterval().
+ */
+ if (sec > TIME_MAX)
+ sec = TIME_MAX - 9;
+
+ isc_interval_set(&interval, sec, usec * 1000);
status = isc_time_nowplusinterval(&expires, &interval);
if (status != ISC_R_SUCCESS) {
/*
From: Nirmoy Das <ndas@suse.de>
Date: Tue, 26 Jan 2016 13:36:28 +0100
Subject: [PATCH] adjusted interval check
Index: dhcp-4.3.3/common/dispatch.c
===================================================================
--- dhcp-4.3.3.orig/common/dispatch.c
+++ dhcp-4.3.3/common/dispatch.c
@@ -349,7 +349,7 @@ void add_timeout (when, where, what, ref
* gone by since the last call to gettimeofday() and the one in
* isc_time_nowplusinterval().
*/
- if (sec > TIME_MAX)
+ if (sec > TIME_MAX - 9)
sec = TIME_MAX - 9;
isc_interval_set(&interval, sec, usec * 1000);
View Git Blame Copy Permalink