From 9a94baa6c70326db636f182d8e5c2042f97ffb81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 29 Apr 2022 15:49:25 +0200 Subject: [PATCH 1/2] libsystemd-network: do not split messages in half This makes grepping for the messages unnecessarily painful. --- src/libsystemd-network/dhcp-packet.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/src/libsystemd-network/dhcp-packet.c b/src/libsystemd-network/dhcp-packet.c index d1a1cf57f3d..ce40ad5c323 100644 --- a/src/libsystemd-network/dhcp-packet.c +++ b/src/libsystemd-network/dhcp-packet.c @@ -144,14 +144,12 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, ui hdrlen = packet->ip.ihl * 4; if (hdrlen < 20) return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), - "ignoring packet: IPv4 IHL (%zu bytes) " - "smaller than minimum (20 bytes)", + "ignoring packet: IPv4 IHL (%zu bytes) smaller than minimum (20 bytes)", hdrlen); if (len < hdrlen) return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), - "ignoring packet: packet (%zu bytes) " - "smaller than expected (%zu) by IP header", + "ignoring packet: packet (%zu bytes) smaller than expected (%zu) by IP header", len, hdrlen); /* UDP */ @@ -162,14 +160,12 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, ui if (len < hdrlen + be16toh(packet->udp.len)) return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), - "ignoring packet: packet (%zu bytes) " - "smaller than expected (%zu) by UDP header", + "ignoring packet: packet (%zu bytes) smaller than expected (%zu) by UDP header", len, hdrlen + be16toh(packet->udp.len)); if (be16toh(packet->udp.dest) != port) return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), - "ignoring packet: to port %u, which " - "is not the DHCP client port (%u)", + "ignoring packet: to port %u, which is not the DHCP client port (%u)", be16toh(packet->udp.dest), port); /* checksums - computing these is relatively expensive, so only do it From 6f1b4574b464020ca306f08bd0dac4ca90fe7617 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 29 Apr 2022 15:55:59 +0200 Subject: [PATCH 2/2] libsystemd-network: add assert about packet length We reject too-short packets in client_receive_message_raw(), so the packets that dhcp_packet_verify_headers() gets are of sufficient size. But let's add an assert to clarify this for the reader. Closes #23223. --- src/libsystemd-network/dhcp-packet.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libsystemd-network/dhcp-packet.c b/src/libsystemd-network/dhcp-packet.c index ce40ad5c323..1543d9addee 100644 --- a/src/libsystemd-network/dhcp-packet.c +++ b/src/libsystemd-network/dhcp-packet.c @@ -129,6 +129,7 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, ui size_t hdrlen; assert(packet); + assert(len >= sizeof(DHCPPacket)); /* IP */