blob: d605204f895542af009ff90340d608a00a3e96f6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
From 5c959166ebee7605e2048de573f2475b4d731ff7 Mon Sep 17 00:00:00 2001
From: Hitendra Prajapati <hprajapati@mvista.com>
Date: Thu, 6 Oct 2022 09:42:59 +0530
Subject: [PATCH] CVE-2022-2929
Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/]
CVE: CVE-2022-2929
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
common/options.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/common/options.c b/common/options.c
index 4e53bb4..28800fc 100644
--- a/common/options.c
+++ b/common/options.c
@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options,
while (s < &bp -> data[0] + length + 2) {
len = *s;
if (len > 63) {
- log_info ("fancy bits in fqdn option");
- return 0;
+ log_info ("label length exceeds 63 in fqdn option");
+ goto bad;
}
if (len == 0) {
terminated = 1;
break;
}
if (s + len > &bp -> data [0] + length + 3) {
- log_info ("fqdn tag longer than buffer");
- return 0;
+ log_info ("fqdn label longer than buffer");
+ goto bad;
}
if (first_len == 0) {
--
2.25.1
|
