diff options
author | Simon Kelley <simon@thekelleys.org.uk> | 2021-07-20 23:45:36 +0100 |
---|---|---|
committer | Simon Kelley <simon@thekelleys.org.uk> | 2021-07-20 23:45:36 +0100 |
commit | cbd984287f11eddb77a58bd4e07eb1b7c1e3edf3 (patch) | |
tree | 75b3dc1051769aeb84c373db8c2b243c921e1e99 | |
parent | 32e15c3f458c2e8838a9ecf7d478ecb6750516bf (diff) | |
download | dnsmasq-cbd984287f11eddb77a58bd4e07eb1b7c1e3edf3.tar.gz |
Fix argument checking for --dhcp-match.
Spotted by Max Julian Hofmann and the Advanced Research Team at CrowdStrike
-rw-r--r-- | src/option.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/option.c b/src/option.c index ca8563a..e52c880 100644 --- a/src/option.c +++ b/src/option.c @@ -1188,11 +1188,15 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags) { new->u.vendor_class = (unsigned char *)opt_string_alloc(arg+7); new->flags |= DHOPT_VENDOR; + if ((new->flags & DHOPT_ENCAPSULATE) || flags == DHOPT_MATCH) + goto_err(_("inappropriate vendor:")); } else if (strstr(arg, "encap:") == arg) { new->u.encap = atoi(arg+6); new->flags |= DHOPT_ENCAPSULATE; + if ((new->flags & DHOPT_VENDOR) || flags == DHOPT_MATCH) + goto_err(_("inappropriate encap:")); } else if (strstr(arg, "vi-encap:") == arg) { |