[pkg-dhcp-devel] Bug#627136: isc-dhcp-server: dhcpd segfaults on config with multiple empty lines

Glen Diener gdiener at excelii.com
Tue May 17 22:07:49 UTC 2011


Package: isc-dhcp-server
Version: 4.1.1-P1-15+squeeze2
Severity: important

The dhcpd server dies with segmentation fault when the dhcpd.conf file contains numerous 
consecutive blank lines. In my case, the dhcpd.conf had 100 consecutive lines with 23 spaces. 
The server will exhibit the same behavior with 1507 or more consecutive blank lines.

The relevant contents of /var/log/syslog follow:

May 17 15:45:41 buddy dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
May 17 15:45:41 buddy dhcpd: Copyright 2004-2010 Internet Systems Consortium.
May 17 15:45:41 buddy dhcpd: All rights reserved.
May 17 15:45:41 buddy dhcpd: For info, please visit https://www.isc.org/software/dhcp/
May 17 15:45:41 buddy kernel: [29319.970678] dhcpd[15683]: segfault at 1003549 ip 00000000004414bc sp 00007fff74979718 error 4 in dhcpd[400000+a7000]

I suspect a buffer overflow problem when the amount of white space between configuration directives reaches a threshold.



-- System Information:
Debian Release: 6.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages isc-dhcp-server depends on:
ii  debconf [debconf-2. 1.5.36.1             Debian configuration management sy
ii  debianutils         3.4                  Miscellaneous utilities specific t
ii  isc-dhcp-common     4.1.1-P1-15+squeeze2 common files used by all the isc-d
ii  libc6               2.11.2-10            Embedded GNU C Library: Shared lib
ii  lsb-base            3.2-23.2squeeze1     Linux Standard Base 3.2 init scrip

isc-dhcp-server recommends no packages.

Versions of packages isc-dhcp-server suggests:
pn  isc-dhcp-server-ldap          <none>     (no description available)

-- Configuration Files:
/etc/dhcp/dhcpd.conf changed:
authoritative;
option domain-name "internal.excelhustler.com";
option domain-name-servers 192.168.0.2;
option wpad code 252 = text;
option wpad "http://wpad.internal.hustlerturf.com/wpad.dat";
option systemimager-server code 140 = text;
option systemimager-server "192.168.0.8";
option space gpxe;
option gpxe-encap-opts code 175 = encapsulate gpxe;
option gpxe.bus-id code 177 = string;
option gpxe.keep-san code 8 = unsigned integer 8;
option subnet-mask 255.255.0.0;
default-lease-time 172800;
max-lease-time 345600;
allow duplicates; # Seems to be needed for Mac clients
subnet 192.168.0.0 netmask 255.255.0.0 {
  option broadcast-address 192.168.255.255;
  option routers 192.168.0.1;
}
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
host rgomez.desktop.internal.excelhustler.com {
  # This machine belongs to rgomez
  # This machine is: PG030911005191
  # Ethernet vendor is: Unknown
  hardware ethernet 00:e0:4c:a8:78:c0;
  fixed-address 192.168.5.3;
  next-server 192.168.0.61;
  filename "pxelinux.0";
}


-- debconf information excluded





More information about the pkg-dhcp-devel mailing list