[pkg-dhcp-devel] Bug#622380: isc-dhcp-client: minor bug

david b db.pub.mail at gmail.com
Tue Apr 12 15:44:47 UTC 2011 

Package: isc-dhcp-client
Version: 4.1.1-P1-15+squeeze2
Severity: important

I have given up on upstream & and their bug tracking is "closed" anyway.

Over a few emails I sent the following to isc.

"
In 
dhcpclient.c

dhcp()
...
char addrbuf[4*16];
...
...
The following comment is just plain wrong:

                       /* piaddr() returns its result in a static
                          buffer sized 4*16 (see common/inet.c). */

Why? because sizeof pbuf is 46.
source:  static char
pbuf[sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")];

Ok.

Now in dhcpv6()
...

char addrbuf[sizeof("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")];
the sizeof addrbuf is 40.

Following along:

       /* Discard, with log, packets from quenched sources. */
       for (ap = packet->interface->client->config->reject_list ;
            ap ; ap = ap->next) {
               if (addr_match(&packet->client_addr, &ap->match)) {

Ah... --->  strcpy(addrbuf, piaddr(packet->client_addr));



                       log_info("%s from %s rejected by rule %s",
                                dhcpv6_type_names[packet->dhcpv6_msg_type],
                                addrbuf,
                                piaddrmask(&ap->match.addr, &ap->match.mask));
                       return;
               }
       }

>From the strcpy manual:
The  strcpy()  function  copies  the  string pointed to by src,
including the terminating null byte ('\0'), to the buffer  pointed to
by dest.  The strings may not overlap, and the destination string dest
must be large  enough  to  receive  the  copy.

The man page for inet_ntop states the following:

      AF_INET6
             src  points  to  a struct in6_addr (in network byte
order) which is converted to a representation of this address in the
most
             appropriate IPv6 network address format for this
address.  The buffer dst must be at least INET6_ADDRSTRLEN bytes long.


INET6_ADDRSTRLEN  is  46,( #define INET6_ADDRSTRLEN 46 )

I prefer to not disagree with manuals (46 > 40).

Even if you decide to ignore this ->
In the following *should* be fixed:
1. the incorrect comment needs to be either removed or 'corrected'
2. addrbuf for ipv6 should be at least 46 or INET6_ADDRSTRLEN long.
"



-- System Information:
Debian Release: 6.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38.2 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages isc-dhcp-client depends on:
ii  debianutils         3.4                  Miscellaneous utilities specific t
ii  iproute             20100519-3           networking and traffic control too
ii  isc-dhcp-common     4.1.1-P1-15+squeeze2 common files used by all the isc-d
ii  libc6               2.11.2-10            Embedded GNU C Library: Shared lib

isc-dhcp-client recommends no packages.

Versions of packages isc-dhcp-client suggests:
pn  avahi-autoipd                 <none>     (no description available)
pn  resolvconf                    <none>     (no description available)

-- Configuration Files:
/etc/dhcp/dhclient.conf changed [not included]

-- no debconf information

More information about the pkg-dhcp-devel mailing list