CVSROOT: /cvs Module name: src Changes by: [email protected] 2010/03/25 12:37:36
Modified files:
sbin/dhclient : dhclient.c
Log message:
be more strict in check_option().
ISC dhclient had a buffer overflow:
http://www.kb.cert.org/vuls/id/410676
and while our dhclient is not vulnerable to that, it got us looking at
how the subnet mask option is handled. this limits specific ip
address options to length 4 in conformance with RFC 2132. discussion
started by william@ and with input from krw@
ok krw@
