author | Shawn Routhier <sar@isc.org> | 2012-06-27 21:33:25 +0000 |
---|---|---|
committer | Shawn Routhier <sar@isc.org> | 2012-06-27 21:33:25 +0000 |
commit | e563ec2e5898119b6af8421f30d3513947348ceb (patch) | |
tree | c6d7efe36bec0c4b78072dd46acc5bc6e8fb6ec2 /includes | |
parent | de87ffe336431082037edc911d202413e6fb51d4 (diff) | |
download | isc-dhcp-e563ec2e5898119b6af8421f30d3513947348ceb.tar.gz |
When attempting to convert a DUID from a client id option
into a hardware address, handle unexpected client ids properly.
Thanks to Markus Hietava of Codenomicon CROSS project for
finding this issue and CERT-FI for vulnerability coordination.
[ISC-Bugs #29852]
CVE: CVE-2012-3570
Diffstat (limited to 'includes')
-rw-r--r-- | includes/dhcpd.h | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 6aaa6ed0..b8792fae 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -432,11 +432,17 @@ struct packet {
 isc_boolean_t unicast;
 };
-/* A network interface's MAC address. */
+/*
+ * A network interface's MAC address.
+ * 20 bytes for the hardware address
+ * and 1 byte for the type tag
+ */
+
+#define HARDWARE_ADDR_LEN 20
 struct hardware {
 u_int8_t hlen;
- u_int8_t hbuf[21];
+ u_int8_t hbuf[HARDWARE_ADDR_LEN + 1];
 };
 #if defined(LDAP_CONFIGURATION) |
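Review bot: The new comment above `struct hardware` explains why `hbuf` is 21 bytes but leaves `hlen` undocumented, so the struct still does not state the invariant that writers must uphold. The array size is unchanged by this hunk (`21` becomes `HARDWARE_ADDR_LEN + 1`), so the header alone adds no bound; the length check on client-id-derived data has to sit in the code that fills `hbuf`, which is not visible here because the diff is limited to `includes`. I would add a field comment on `hlen` such as `/* bytes used in hbuf; must never exceed sizeof(hbuf) */`, and state explicitly whether that count includes the type tag, which the visible lines do not settle. Every copy into `hbuf` from packet data should compare the incoming length against `HARDWARE_ADDR_LEN` (or `sizeof(hbuf)`) before writing.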