1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

Merge pull request #23226 from keszybz/libsystemd-length-assert

Add assert about DHCP packet length in libsystemd-network
This commit is contained in:
Yu Watanabe 2022-04-30 03:03:18 +09:00 committed by GitHub
commit df8774263c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -129,6 +129,7 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, ui
size_t hdrlen; size_t hdrlen;
assert(packet); assert(packet);
assert(len >= sizeof(DHCPPacket));
/* IP */ /* IP */
@ -144,14 +145,12 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, ui
hdrlen = packet->ip.ihl * 4; hdrlen = packet->ip.ihl * 4;
if (hdrlen < 20) if (hdrlen < 20)
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
"ignoring packet: IPv4 IHL (%zu bytes) " "ignoring packet: IPv4 IHL (%zu bytes) smaller than minimum (20 bytes)",
"smaller than minimum (20 bytes)",
hdrlen); hdrlen);
if (len < hdrlen) if (len < hdrlen)
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
"ignoring packet: packet (%zu bytes) " "ignoring packet: packet (%zu bytes) smaller than expected (%zu) by IP header",
"smaller than expected (%zu) by IP header",
len, hdrlen); len, hdrlen);
/* UDP */ /* UDP */
@ -162,14 +161,12 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, ui
if (len < hdrlen + be16toh(packet->udp.len)) if (len < hdrlen + be16toh(packet->udp.len))
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
"ignoring packet: packet (%zu bytes) " "ignoring packet: packet (%zu bytes) smaller than expected (%zu) by UDP header",
"smaller than expected (%zu) by UDP header",
len, hdrlen + be16toh(packet->udp.len)); len, hdrlen + be16toh(packet->udp.len));
if (be16toh(packet->udp.dest) != port) if (be16toh(packet->udp.dest) != port)
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
"ignoring packet: to port %u, which " "ignoring packet: to port %u, which is not the DHCP client port (%u)",
"is not the DHCP client port (%u)",
be16toh(packet->udp.dest), port); be16toh(packet->udp.dest), port);
/* checksums - computing these is relatively expensive, so only do it /* checksums - computing these is relatively expensive, so only do it