Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.2:Update
freeradius-server.7382
19a18bf7.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 19a18bf7.patch of Package freeradius-server.7382
commit 19a18bf7c8af649c9e9742fb6a046f6aff639866 Author: Alan T. DeKok <aland@freeradius.org> Date: Mon Jul 3 15:42:35 2017 -0400 FR-GV-304 - check for option overflowing the packet diff --git a/src/modules/proto_dhcp/dhcp.c b/src/modules/proto_dhcp/dhcp.c index dbfe81747..5fd922d03 100644 --- a/src/modules/proto_dhcp/dhcp.c +++ b/src/modules/proto_dhcp/dhcp.c @@ -629,6 +629,24 @@ static int fr_dhcp_decode_suboption(TALLOC_CTX *ctx, VALUE_PAIR **tlv, uint8_t c uint32_t attr; /* + * Not enough room for the option header, it's a + * bad packet. + */ + if ((p + 2) > (data + len)) { + fr_pair_list_free(&head); + return -1; + } + + /* + * Not enough room for the option header + data, + * it's a bad packet. + */ + if ((p + 2 + p[1]) > (data + len)) { + fr_pair_list_free(&head); + return -1; + } + + /* * The initial OID string looks like: * <iana>.0 *
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor