From 7908dd6730693d7f6a09485b56de7eed0b77afbe Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Fri, 1 Apr 2016 14:42:22 +0200 Subject: [PATCH] dhcp-identifier: handle too long duid_len in dhcp_validate_duid_len() Callers of dhcp_validate_duid_len() know that they must not pass a zero duid_len. Thus asserting against that is appropriate. On the other hand, they are not aware of the maximum allowed length of a duid, as that is the reason why they call dhcp_validate_duid_len() in the first place. So dhcp_validate_duid_len() should just signal a regular error. Thereby, change assert_return() to an assert() as this is an internal function. --- src/libsystemd-network/dhcp-identifier.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/libsystemd-network/dhcp-identifier.h b/src/libsystemd-network/dhcp-identifier.h index babae15c5bc..e6486b78f86 100644 --- a/src/libsystemd-network/dhcp-identifier.h +++ b/src/libsystemd-network/dhcp-identifier.h @@ -75,7 +75,7 @@ int dhcp_identifier_set_iaid(int ifindex, uint8_t *mac, size_t mac_len, void *_i static inline int dhcp_validate_duid_len(uint16_t duid_type, size_t duid_len) { struct duid d; - assert_return(duid_len > 0 && duid_len <= MAX_DUID_LEN, -EINVAL); + assert(duid_len > 0); switch (duid_type) { case DUID_TYPE_LLT: @@ -95,6 +95,8 @@ static inline int dhcp_validate_duid_len(uint16_t duid_type, size_t duid_len) { return -EINVAL; break; default: + if (duid_len > sizeof(d.raw)) + return -EINVAL; /* accept unknown type in order to be forward compatible */ break; }