From bd90e682933dcd9d3d62ce93e73893269b4e5a05 Mon Sep 17 00:00:00 2001 From: David Cantrell Date: Apr 21 2009 02:39:32 +0000 Subject: - Restrict interface names given on the dhcpd command line to length IFNAMSIZ or shorter (#441524) --- diff --git a/dhcp-4.1.0-IFNAMSIZ.patch b/dhcp-4.1.0-IFNAMSIZ.patch new file mode 100644 index 0000000..f57d8c0 --- /dev/null +++ b/dhcp-4.1.0-IFNAMSIZ.patch @@ -0,0 +1,12 @@ +diff -up dhcp-4.1.0/server/dhcpd.c.ifnamsiz dhcp-4.1.0/server/dhcpd.c +--- dhcp-4.1.0/server/dhcpd.c.ifnamsiz 2009-04-20 16:35:30.000000000 -1000 ++++ dhcp-4.1.0/server/dhcpd.c 2009-04-20 15:45:15.000000000 -1000 +@@ -401,7 +401,7 @@ main(int argc, char **argv) { + log_fatal ("Insufficient memory to %s %s: %s", + "record interface", argv [i], + isc_result_totext (result)); +- strcpy (tmp -> name, argv [i]); ++ strncpy (tmp -> name, argv [i], sizeof (tmp -> name)); + if (interfaces) { + interface_reference (&tmp -> next, + interfaces, MDL); diff --git a/dhcp.spec b/dhcp.spec index 6dec05b..051cf7b 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -10,7 +10,7 @@ Summary: Dynamic host configuration protocol software Name: dhcp Version: 4.1.0 -Release: 18%{?dist} +Release: 19%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -45,6 +45,7 @@ Patch15: %{name}-4.1.0-garbage-chars.patch Patch16: %{name}-4.1.0-port-validation.patch Patch17: %{name}-4.1.0-invalid-dhclient-conf.patch Patch18: %{name}-4.1.0-missing-ipv6-not-fatal.patch +Patch19: %{name}-4.1.0-IFNAMSIZ.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf @@ -187,6 +188,9 @@ libdhcpctl and libomapi static libraries are also included in this package. # (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #19367] %patch18 -p1 +# Read only up to IFNAMSIZ characters for the interface name in dhcpd (#441524) +%patch19 -p1 + # Copy in documentation and example scripts for LDAP patch to dhcpd %{__install} -p -m 0755 ldap-for-dhcp-%{ldappatchver}/dhcpd-conf-to-ldap contrib/ @@ -419,6 +423,10 @@ fi %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz %changelog +* Mon Apr 20 2009 David Cantrell - 12:4.1.0-19 +- Restrict interface names given on the dhcpd command line to length + IFNAMSIZ or shorter (#441524) + * Mon Apr 20 2009 David Cantrell - 12:4.1.0-18 - Make dhclient-script work with pre-configured wireless interfaces (#491157)