[git commit] udhcpd: check config file for bad IP ranges (start > end)

Thu Sep 2 12:40:54 UTC 2021

commit: https://git.busybox.net/busybox/commit/?id=62d0c8e02872d444ba20b4bdf638ac26c509a3dd
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

function                                             old     new   delta
.rodata                                           104209  104238     +29
read_config                                          208     225     +17
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 46/0)               Total: 46 bytes

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 networking/udhcp/dhcpd.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/networking/udhcp/dhcpd.c b/networking/udhcp/dhcpd.c
index eef8a3b59..b67dfc3bc 100644
--- a/networking/udhcp/dhcpd.c
+++ b/networking/udhcp/dhcpd.c
@@ -451,6 +451,8 @@ static NOINLINE void read_config(const char *file)
 
 	server_data.start_ip = ntohl(server_data.start_ip);
 	server_data.end_ip = ntohl(server_data.end_ip);
+	if (server_data.start_ip > server_data.end_ip)
+		bb_error_msg_and_die("bad start/end IP range in %s", file);
 }
 
 static void write_leases(void)
@@ -858,7 +860,6 @@ int udhcpd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int udhcpd_main(int argc UNUSED_PARAM, char **argv)
 {
 	int server_socket = -1, retval;
-	uint8_t *state;
 	unsigned timeout_end;
 	unsigned num_ips;
 	unsigned opt;
@@ -966,6 +967,7 @@ int udhcpd_main(int argc UNUSED_PARAM, char **argv)
 		struct dhcp_packet packet;
 		int bytes;
 		int tv;
+		uint8_t *msg_type;
 		uint8_t *server_id_opt;
 		uint8_t *requested_ip_opt;
 		uint32_t requested_nip;
@@ -1040,8 +1042,8 @@ int udhcpd_main(int argc UNUSED_PARAM, char **argv)
 			bb_info_msg("not a REQUEST%s", ", ignoring packet");
 			continue;
 		}
-		state = udhcp_get_option(&packet, DHCP_MESSAGE_TYPE);
-		if (state == NULL || state[0] < DHCP_MINTYPE || state[0] > DHCP_MAXTYPE) {
+		msg_type = udhcp_get_option(&packet, DHCP_MESSAGE_TYPE);
+		if (!msg_type || msg_type[0] < DHCP_MINTYPE || msg_type[0] > DHCP_MAXTYPE) {
 			bb_info_msg("no or bad message type option%s", ", ignoring packet");
 			continue;
 		}
@@ -1077,7 +1079,7 @@ int udhcpd_main(int argc UNUSED_PARAM, char **argv)
 			move_from_unaligned32(requested_nip, requested_ip_opt);
 		}
 
-		switch (state[0]) {
+		switch (msg_type[0]) {
 
 		case DHCPDISCOVER:
 			log1("received %s", "DISCOVER");
