diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2021-01-12 14:03:43 +0100 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2021-01-12 16:00:56 +0100 |
| commit | 5a99444e4fe80c2ed416ca402b437e780a9de4b8 (patch) | |
| tree | 01c9856372353c69d679f3f123793bb84a54abb9 | |
| parent | network: refuse zero length dhcp user class (diff) | |
| download | systemd-5a99444e4fe80c2ed416ca402b437e780a9de4b8.tar.xz systemd-5a99444e4fe80c2ed416ca402b437e780a9de4b8.zip | |
dhcp6: refuse zero length dhcp user class
This also fixes a memory leak when
sd_dhcp6_client_set_request_user_class() is called multiple times.
| -rw-r--r-- | src/libsystemd-network/dhcp6-internal.h | 2 | ||||
| -rw-r--r-- | src/libsystemd-network/dhcp6-option.c | 13 | ||||
| -rw-r--r-- | src/libsystemd-network/sd-dhcp6-client.c | 20 | ||||
| -rw-r--r-- | src/systemd/sd-dhcp6-client.h | 2 |
4 files changed, 20 insertions, 17 deletions
diff --git a/src/libsystemd-network/dhcp6-internal.h b/src/libsystemd-network/dhcp6-internal.h index 24d8a314a4..d02186a4b2 100644 --- a/src/libsystemd-network/dhcp6-internal.h +++ b/src/libsystemd-network/dhcp6-internal.h @@ -99,7 +99,7 @@ int dhcp6_option_append(uint8_t **buf, size_t *buflen, uint16_t code, int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, const DHCP6IA *ia); int dhcp6_option_append_pd(uint8_t *buf, size_t len, const DHCP6IA *pd, DHCP6Address *hint_pd_prefix); int dhcp6_option_append_fqdn(uint8_t **buf, size_t *buflen, const char *fqdn); -int dhcp6_option_append_user_class(uint8_t **buf, size_t *buflen, char **user_class); +int dhcp6_option_append_user_class(uint8_t **buf, size_t *buflen, char * const *user_class); int dhcp6_option_append_vendor_class(uint8_t **buf, size_t *buflen, char **user_class); int dhcp6_option_append_vendor_option(uint8_t **buf, size_t *buflen, OrderedHashmap *vendor_options); int dhcp6_option_parse(uint8_t **buf, size_t *buflen, uint16_t *optcode, diff --git a/src/libsystemd-network/dhcp6-option.c b/src/libsystemd-network/dhcp6-option.c index e2bf4f7e36..8151e66bca 100644 --- a/src/libsystemd-network/dhcp6-option.c +++ b/src/libsystemd-network/dhcp6-option.c @@ -200,19 +200,22 @@ int dhcp6_option_append_fqdn(uint8_t **buf, size_t *buflen, const char *fqdn) { return r; } -int dhcp6_option_append_user_class(uint8_t **buf, size_t *buflen, char **user_class) { +int dhcp6_option_append_user_class(uint8_t **buf, size_t *buflen, char * const *user_class) { _cleanup_free_ uint8_t *p = NULL; size_t total = 0, offset = 0; - char **s; + char * const *s; - assert_return(buf && *buf && buflen && user_class, -EINVAL); + assert(buf); + assert(*buf); + assert(buflen); + assert(!strv_isempty(user_class)); STRV_FOREACH(s, user_class) { size_t len = strlen(*s); uint8_t *q; - if (len > 0xffff) - return -ENAMETOOLONG; + if (len > 0xffff || len == 0) + return -EINVAL; q = realloc(p, total + len + 2); if (!q) return -ENOMEM; diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c index e068e0dc91..105d09f334 100644 --- a/src/libsystemd-network/sd-dhcp6-client.c +++ b/src/libsystemd-network/sd-dhcp6-client.c @@ -464,26 +464,26 @@ int sd_dhcp6_client_set_request_mud_url(sd_dhcp6_client *client, const char *mud return free_and_strdup(&client->mudurl, mudurl); } -int sd_dhcp6_client_set_request_user_class(sd_dhcp6_client *client, char **user_class) { - _cleanup_strv_free_ char **s = NULL; - char **p; +int sd_dhcp6_client_set_request_user_class(sd_dhcp6_client *client, char * const *user_class) { + char * const *p; + char **s; assert_return(client, -EINVAL); assert_return(client->state == DHCP6_STATE_STOPPED, -EBUSY); + assert_return(!strv_isempty(user_class), -EINVAL); - assert_return(user_class, -EINVAL); + STRV_FOREACH(p, user_class) { + size_t len = strlen(*p); - STRV_FOREACH(p, user_class) - if (strlen(*p) > UINT16_MAX) - return -ENAMETOOLONG; + if (len > UINT16_MAX || len == 0) + return -EINVAL; + } s = strv_copy(user_class); if (!s) return -ENOMEM; - client->user_class = TAKE_PTR(s); - - return 0; + return strv_free_and_replace(client->user_class, s); } int sd_dhcp6_client_set_request_vendor_class(sd_dhcp6_client *client, char **vendor_class) { diff --git a/src/systemd/sd-dhcp6-client.h b/src/systemd/sd-dhcp6-client.h index 75ee27d68b..492e281f8b 100644 --- a/src/systemd/sd-dhcp6-client.h +++ b/src/systemd/sd-dhcp6-client.h @@ -133,7 +133,7 @@ int sd_dhcp6_client_set_request_mud_url( const char *mudurl); int sd_dhcp6_client_set_request_user_class( sd_dhcp6_client *client, - char** user_class); + char * const *user_class); int sd_dhcp6_client_set_request_vendor_class( sd_dhcp6_client *client, char** vendor_class); |