From 95cc814dbd37a4cb5a69b5eac80bd3e5173fe908 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Tue, 7 Jul 2009 14:59:30 +0200 Subject: udhcpd: fix a bug in add_lease where it was reading at [-1] It is not correct when we read lease file! Signed-off-by: Denys Vlasenko --- networking/udhcp/dhcpd.h | 5 +++-- networking/udhcp/files.c | 6 +++++- networking/udhcp/leases.c | 23 +++++++++++------------ networking/udhcp/serverpacket.c | 22 ++++++++++++++++------ 4 files changed, 35 insertions(+), 21 deletions(-) diff --git a/networking/udhcp/dhcpd.h b/networking/udhcp/dhcpd.h index 67cb78c..4f6b73e 100644 --- a/networking/udhcp/dhcpd.h +++ b/networking/udhcp/dhcpd.h @@ -89,7 +89,7 @@ struct dyn_lease { * (dhcp packet has chaddr[16], not [6]) */ uint8_t lease_mac[6]; - uint8_t hostname[20]; + char hostname[20]; uint8_t pad[2]; /* total size is a multiply of 4 */ } PACKED; @@ -98,7 +98,8 @@ extern struct dyn_lease *g_leases; struct dyn_lease *add_lease( const uint8_t *chaddr, uint32_t yiaddr, - leasetime_t leasetime, uint8_t *hostname + leasetime_t leasetime, + const char *hostname, int hostname_len ) FAST_FUNC; int is_expired_lease(struct dyn_lease *lease) FAST_FUNC; struct dyn_lease *find_lease_by_mac(const uint8_t *mac) FAST_FUNC; diff --git a/networking/udhcp/files.c b/networking/udhcp/files.c index 3559215..1b2cc96 100644 --- a/networking/udhcp/files.c +++ b/networking/udhcp/files.c @@ -420,7 +420,11 @@ void FAST_FUNC read_leases(const char *file) continue; /* NB: add_lease takes "relative time", IOW, * lease duration, not lease deadline. */ - if (!(add_lease(lease.lease_mac, lease.lease_nip, expires, lease.hostname))) { + if (add_lease(lease.lease_mac, lease.lease_nip, + expires, + lease.hostname, sizeof(lease.hostname) + ) == 0 + ) { bb_error_msg("too many leases while loading %s", file); break; } diff --git a/networking/udhcp/leases.c b/networking/udhcp/leases.c index 68fba72..afd41bf 100644 --- a/networking/udhcp/leases.c +++ b/networking/udhcp/leases.c @@ -50,10 +50,10 @@ static void clear_lease(const uint8_t *chaddr, uint32_t yiaddr) /* Add a lease into the table, clearing out any old ones */ struct dyn_lease* FAST_FUNC add_lease( const uint8_t *chaddr, uint32_t yiaddr, - leasetime_t leasetime, uint8_t *hostname) + leasetime_t leasetime, + const char *hostname, int hostname_len) { struct dyn_lease *oldest; - uint8_t hostname_length; /* clean out any old ones */ clear_lease(chaddr, yiaddr); @@ -63,16 +63,15 @@ struct dyn_lease* FAST_FUNC add_lease( if (oldest) { oldest->hostname[0] = '\0'; if (hostname) { - /* option size byte, + 1 for NUL */ - hostname_length = hostname[-1] + 1; - if (hostname_length > sizeof(oldest->hostname)) - hostname_length = sizeof(oldest->hostname); - hostname = (uint8_t*) safe_strncpy((char*)oldest->hostname, (char*)hostname, hostname_length); + char *p; + if (hostname_len > sizeof(oldest->hostname)) + hostname_len = sizeof(oldest->hostname); + p = safe_strncpy(oldest->hostname, hostname, hostname_len); /* sanitization (s/non-ASCII/^/g) */ - while (*hostname) { - if (*hostname < ' ' || *hostname > 126) - *hostname = '^'; - hostname++; + while (*p) { + if (*p < ' ' || *p > 126) + *p = '^'; + p++; } } memcpy(oldest->lease_mac, chaddr, 6); @@ -137,7 +136,7 @@ static int nobody_responds_to_arp(uint32_t nip, const uint8_t *safe_mac) temp.s_addr = nip; bb_info_msg("%s belongs to someone, reserving it for %u seconds", inet_ntoa(temp), (unsigned)server_config.conflict_time); - add_lease(blank_chaddr, nip, server_config.conflict_time, NULL); + add_lease(blank_chaddr, nip, server_config.conflict_time, NULL, 0); return 0; } diff --git a/networking/udhcp/serverpacket.c b/networking/udhcp/serverpacket.c index c3724e0..b48e415 100644 --- a/networking/udhcp/serverpacket.c +++ b/networking/udhcp/serverpacket.c @@ -130,7 +130,8 @@ int FAST_FUNC send_offer(struct dhcp_packet *oldpacket) uint32_t req_nip; uint32_t lease_time_sec = server_config.max_lease_sec; uint32_t static_lease_ip; - uint8_t *req_ip_opt, *p_host_name; + uint8_t *req_ip_opt; + const char *p_host_name; struct option_set *curr; struct in_addr addr; @@ -173,8 +174,13 @@ int FAST_FUNC send_offer(struct dhcp_packet *oldpacket) bb_error_msg("no IP addresses to give - OFFER abandoned"); return -1; } - p_host_name = get_option(oldpacket, DHCP_HOST_NAME); - if (!add_lease(packet.chaddr, packet.yiaddr, server_config.offer_time, p_host_name)) { + p_host_name = (const char*) get_option(oldpacket, DHCP_HOST_NAME); + if (add_lease(packet.chaddr, packet.yiaddr, + server_config.offer_time, + p_host_name, + p_host_name ? (unsigned char)p_host_name[OPT_LEN - OPT_DATA] : 0 + ) == 0 + ) { bb_error_msg("lease pool is full - OFFER abandoned"); return -1; } @@ -218,7 +224,7 @@ int FAST_FUNC send_ACK(struct dhcp_packet *oldpacket, uint32_t yiaddr) struct option_set *curr; uint32_t lease_time_sec; struct in_addr addr; - uint8_t *p_host_name; + const char *p_host_name; init_packet(&packet, oldpacket, DHCPACK); packet.yiaddr = yiaddr; @@ -242,8 +248,12 @@ int FAST_FUNC send_ACK(struct dhcp_packet *oldpacket, uint32_t yiaddr) if (send_packet(&packet, 0) < 0) return -1; - p_host_name = get_option(oldpacket, DHCP_HOST_NAME); - add_lease(packet.chaddr, packet.yiaddr, lease_time_sec, p_host_name); + p_host_name = (const char*) get_option(oldpacket, DHCP_HOST_NAME); + add_lease(packet.chaddr, packet.yiaddr, + lease_time_sec, + p_host_name, + p_host_name ? (unsigned char)p_host_name[OPT_LEN - OPT_DATA] : 0 + ); if (ENABLE_FEATURE_UDHCPD_WRITE_LEASES_EARLY) { /* rewrite the file with leases at every new acceptance */ write_leases(); -- cgit v1.1