From 5aec3125fcefeb5cb58d32fd9672280f0b8d4390 Mon Sep 17 00:00:00 2001
From: Boian Bonev <bbonev@ipacct.com>
Date: Mar 19 2023 00:43:16 +0000
Subject: Fix two more places with OOB access


---

diff --git a/dhcpdump-bugfix_strcounts.patch b/dhcpdump-bugfix_strcounts.patch
index 504259d..cdb1c6d 100644
--- a/dhcpdump-bugfix_strcounts.patch
+++ b/dhcpdump-bugfix_strcounts.patch
@@ -5,7 +5,7 @@ Description: Add check to avoid OOB access
 Author: Boian Bonev <bbonev@ipacct.com>
 Origin: other
 Forwarded: by-email
-Last-Update: 2013-10-04
+Last-Update: 2023-03-19
 
 --- a/dhcpdump.c
 +++ b/dhcpdump.c
@@ -18,7 +18,32 @@ Last-Update: 2013-10-04
  // header variables
  char	timestamp[40];			// timestamp on header
  char	mac_origin[40];			// mac address of origin
-@@ -480,7 +482,7 @@ int printdata(u_char *data, int data_len
+@@ -446,7 +448,11 @@ int printdata(u_char *data, int data_len
+ 	case 31:	// Perform router discovery
+ 	case 34:	// Trailer encapsulation
+ 	case 39:	// TCP keepalive garbage
+-		printf("%d (%s)", data[j + 2], enabledisable[data[j + 2]]);
++		printf("%d (%s)",
++			data[j + 2],
++			data[j + 2] > strcountof(enabledisable) ?
++				"*unknown*" :
++				enabledisable[data[j + 2]]);
+ 		break;
+ 
+ 	case 23:	// Default IP TTL
+@@ -464,7 +470,10 @@ int printdata(u_char *data, int data_len
+ 
+ 	case 46:	// NetBIOS over TCP/IP node type
+ 		printf("%d (%s)",
+-		    data[j + 2], netbios_node_type[data[j + 2]]);
++			data[j + 2],
++			data[j + 2] > strcountof(netbios_node_type) ?
++				"*unknown*" :
++				netbios_node_type[data[j + 2]]);
+ 		break;
+ 	    
+ 	case  2:	// Time offset
+@@ -480,7 +489,7 @@ int printdata(u_char *data, int data_len
  	case 36:	// Ethernet encapsulation
  		printf("%d (%s)",
  		    data[j + 2],
@@ -27,7 +52,7 @@ Last-Update: 2013-10-04
  			"*wrong value*" :
  			ethernet_encapsulation[data[j + 2]]);
  		break;
-@@ -488,7 +490,7 @@ int printdata(u_char *data, int data_len
+@@ -488,7 +497,7 @@ int printdata(u_char *data, int data_len
  	case 52:	// Option overload
  		printf("%d (%s)",
  		    data[j + 2],
@@ -36,7 +61,7 @@ Last-Update: 2013-10-04
  			"*wrong value*" :
  			option_overload[data[j + 2]]);
  		break;
-@@ -496,7 +498,7 @@ int printdata(u_char *data, int data_len
+@@ -496,7 +505,7 @@ int printdata(u_char *data, int data_len
  	case 53:	// DHCP message type
  		printf("%d (%s)",
  		    data[j + 2],
@@ -45,7 +70,7 @@ Last-Update: 2013-10-04
  			"*wrong value*" :
  			dhcp_message_types[data[j + 2]]);
  		break;
-@@ -528,7 +530,7 @@ int printdata(u_char *data, int data_len
+@@ -528,7 +537,7 @@ int printdata(u_char *data, int data_len
  	case 82:	// Relay Agent Information
  		for (i = j + 2; i < j + data[j + 1] + 2; ) {
  			printf("\n%-17s %-13s ", " ",