CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/06/15 11:07:34
Modified files:
sbin/dhcpleased: engine.c
Log message:
Make sure UDP header length field at least covers the UDP header.
We clamp the amount of data we are willing to parse to the length of
the UDP packet as indicated by the UDP header length field. While we
made sure that the length field did not point past the received data,
we never checked if the length is smaller than the udp header. Since
we are using BPF, the kernel also does not doe this for us. This might
in turn lead to an underflow and a subsequent crash of the engine
process.
Pointed out and diff provided by Andrew Griffiths, thanks!
