Allow zero-length client ids when hashing. Ticket 21253

2 files changed, 13 insertions, 3 deletions

diff --git a/RELNOTES b/RELNOTES
index 57a928eb..f25a977b 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -54,6 +54,10 @@ work on other platforms. Please report any problems and suggested fixes to
 - Prohibit including lease time information in a response to a DHCP INFORM
   Bug ticket 21092.
 
+! Accept a client id of length 0 while hashing.  Previously the server would
+  exit if it attempted to hash a zero length client id, providing attackers
+  with a simple denial of service attack.  Bug ticket 21253.
+
                         Changes since 4.1.1rc1
 
 - When using 'ignore client-updates;', the FQDN returned to the client
diff --git a/omapip/hash.c b/omapip/hash.c
index e33f803e..c3aa737c 100644
--- a/omapip/hash.c
+++ b/omapip/hash.c
@@ -3,7 +3,8 @@
    Routines for manipulating hash tables... */
 
 /*
- * Copyright (c) 2004-2007,2009 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2009-2010 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2007 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1995-2003 by Internet Software Consortium
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -49,8 +50,13 @@ find_length(const void *key,
 	if (do_hash == do_ip4_hash)
 		return 4;
 
-	log_fatal("Impossible condition at %s:%d.", MDL);
-	return 0; /* Silence compiler warnings. */
+	log_debug("Unexpected hash function at %s:%d.", MDL);
+	/*
+	 * If we get a hash function we don't specifically expect
+	 * return a length of 0, this covers the case where a client
+	 * id has a length of 0.
+	 */
+	return 0;
 }
 
 int new_hash_table (tp, count, file, line)