[#254] Fixed memory leak in FQDN unpacking

RELNOTES Added a release note common/options.c fqdn_universe_decode() - replace returns with gotos to ensure memory is freed on label length errors
author: Thomas Markwalder <tmark@isc.org> 2022-08-04 16:22:35 -0400
committer: Tomek Mrugalski <tomek@isc.org> 2022-11-01 15:42:56 +0000
commit: 9e138021c88671f6902d5972fef922ce308a2d7c (patch)
tree: 820524af93c4380ac0357b455c2efcbd10389398 /common
parent: 6e491dab4454907795964604b4f3419b8b5e028b (diff)
download: isc-dhcp-9e138021c88671f6902d5972fef922ce308a2d7c.tar.gz
1 files changed, 4 insertions, 4 deletions
diff --git a/common/options.c b/common/options.c
index f0959cb2..25450e1d 100644
--- a/common/options.c
+++ b/common/options.c
@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options,
 		while (s < &bp -> data[0] + length + 2) {
 			len = *s;
 			if (len > 63) {
-				log_info ("fancy bits in fqdn option");
-				return 0;
+				log_info ("label length exceeds 63 in fqdn option");
+				goto bad;
 			}
 			if (len == 0) {
 				terminated = 1;
 				break;
 			}
 			if (s + len > &bp -> data [0] + length + 3) {
-				log_info ("fqdn tag longer than buffer");
-				return 0;
+				log_info ("fqdn label longer than buffer");
+				goto bad;
 			}
 
 			if (first_len == 0) {
author	Thomas Markwalder <tmark@isc.org>	2022-08-04 16:22:35 -0400
committer	Tomek Mrugalski <tomek@isc.org>	2022-11-01 15:42:56 +0000
commit	9e138021c88671f6902d5972fef922ce308a2d7c (patch)
tree	820524af93c4380ac0357b455c2efcbd10389398 /common
parent	6e491dab4454907795964604b4f3419b8b5e028b (diff)
download	isc-dhcp-9e138021c88671f6902d5972fef922ce308a2d7c.tar.gz