From f1de362c341d8759a0a46cc0016164bb9f6a37e1 Mon Sep 17 00:00:00 2001
From: Jiří Popelka <jpopelka@fedoraproject.org>
Date: Jun 18 2010 12:09:34 +0000
Subject: - Fix for CVE-2010-2156


---

diff --git a/dhcp-4.1.0p1-CVE-2010-2156.patch b/dhcp-4.1.0p1-CVE-2010-2156.patch
new file mode 100644
index 0000000..6c09f95
--- /dev/null
+++ b/dhcp-4.1.0p1-CVE-2010-2156.patch
@@ -0,0 +1,20 @@
+diff -up dhcp-4.1.0p1/omapip/hash.c.CVE-2010-2156 dhcp-4.1.0p1/omapip/hash.c
+--- dhcp-4.1.0p1/omapip/hash.c.CVE-2010-2156	2007-11-07 20:42:18.000000000 +0100
++++ dhcp-4.1.0p1/omapip/hash.c	2010-06-18 14:02:22.000000000 +0200
+@@ -49,8 +49,14 @@ find_length(const void *key,
+ 	if (do_hash == do_ip4_hash)
+ 		return 4;
+ 
+-	log_fatal("Impossible condition at %s:%d.", MDL);
+-	return 0; /* Silence compiler warnings. */
++	log_debug("Unexpected hash function at %s:%d.", MDL);
++	/*
++	 * If we get a hash function we don't specifically expect
++	 * return a length of 0, this covers the case where a client
++	 * id has a length of 0.
++	 */
++	return 0;
++	
+ }
+ 
+ int new_hash_table (tp, count, file, line)
diff --git a/dhcp.spec b/dhcp.spec
index 2713c80..104be50 100644
--- a/dhcp.spec
+++ b/dhcp.spec
@@ -13,7 +13,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  %{basever}p1
-Release:  5%{?dist}
+Release:  6%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -52,6 +52,7 @@ Patch18:  %{name}-4.1.0-missing-ipv6-not-fatal.patch
 Patch19:  %{name}-4.1.0-IFNAMSIZ.patch
 Patch20:  %{name}-4.1.0-add_timeout_when_NULL.patch
 Patch21:  %{name}-4.1.0-CVE-2009-1892.patch
+Patch22:  %{name}-4.1.0p1-CVE-2010-2156.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: autoconf
@@ -206,6 +207,10 @@ libdhcpctl and libomapi static libraries are also included in this package.
 # http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892
 %patch21 -p1
 
+# Fix for CVE-2010-2156
+# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156
+%patch22 -p1
+
 # Copy in documentation and example scripts for LDAP patch to dhcpd
 %{__install} -p -m 0755 ldap-for-dhcp-%{ldappatchver}/dhcpd-conf-to-ldap contrib/
 
@@ -460,6 +465,9 @@ fi
 %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
 
 %changelog
+* Fri Jun 18 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.0p1-6
+- Fix for CVE-2010-2156
+
 * Tue Oct 13 2009 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.0p1-5
 - Fix 56dhclient so network comes back after suspend/hibernate (#527641)