[git commit] udhcpd: fix a bug in add_lease where it was reading at [-1]

Denys Vlasenko vda.linux at googlemail.com
Tue Jul 7 12:59:30 UTC 2009 

commit: http://git.busybox.net/busybox/commit/?id=95cc814dbd37a4cb5a69b5eac80bd3e5173fe908
branch: http://git.busybox.net/busybox/commit/?id=refs/heads/master


It is not correct when we read lease file!

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 networking/udhcp/dhcpd.h        |    5 +++--
 networking/udhcp/files.c        |    6 +++++-
 networking/udhcp/leases.c       |   23 +++++++++++------------
 networking/udhcp/serverpacket.c |   22 ++++++++++++++++------
 4 files changed, 35 insertions(+), 21 deletions(-)

diff --git a/networking/udhcp/dhcpd.h b/networking/udhcp/dhcpd.h
index 67cb78c..4f6b73e 100644
--- a/networking/udhcp/dhcpd.h
+++ b/networking/udhcp/dhcpd.h
@@ -89,7 +89,7 @@ struct dyn_lease {
 	 * (dhcp packet has chaddr[16], not [6])
 	 */
 	uint8_t lease_mac[6];
-	uint8_t hostname[20];
+	char hostname[20];
 	uint8_t pad[2];
 	/* total size is a multiply of 4 */
 } PACKED;
@@ -98,7 +98,8 @@ extern struct dyn_lease *g_leases;
 
 struct dyn_lease *add_lease(
 		const uint8_t *chaddr, uint32_t yiaddr,
-		leasetime_t leasetime, uint8_t *hostname
+		leasetime_t leasetime,
+		const char *hostname, int hostname_len
 		) FAST_FUNC;
 int is_expired_lease(struct dyn_lease *lease) FAST_FUNC;
 struct dyn_lease *find_lease_by_mac(const uint8_t *mac) FAST_FUNC;
diff --git a/networking/udhcp/files.c b/networking/udhcp/files.c
index 3559215..1b2cc96 100644
--- a/networking/udhcp/files.c
+++ b/networking/udhcp/files.c
@@ -420,7 +420,11 @@ void FAST_FUNC read_leases(const char *file)
 				continue;
 			/* NB: add_lease takes "relative time", IOW,
 			 * lease duration, not lease deadline. */
-			if (!(add_lease(lease.lease_mac, lease.lease_nip, expires, lease.hostname))) {
+			if (add_lease(lease.lease_mac, lease.lease_nip,
+					expires,
+					lease.hostname, sizeof(lease.hostname)
+				) == 0
+			) {
 				bb_error_msg("too many leases while loading %s", file);
 				break;
 			}
diff --git a/networking/udhcp/leases.c b/networking/udhcp/leases.c
index 68fba72..afd41bf 100644
--- a/networking/udhcp/leases.c
+++ b/networking/udhcp/leases.c
@@ -50,10 +50,10 @@ static void clear_lease(const uint8_t *chaddr, uint32_t yiaddr)
 /* Add a lease into the table, clearing out any old ones */
 struct dyn_lease* FAST_FUNC add_lease(
 		const uint8_t *chaddr, uint32_t yiaddr,
-		leasetime_t leasetime, uint8_t *hostname)
+		leasetime_t leasetime,
+		const char *hostname, int hostname_len)
 {
 	struct dyn_lease *oldest;
-	uint8_t hostname_length;
 
 	/* clean out any old ones */
 	clear_lease(chaddr, yiaddr);
@@ -63,16 +63,15 @@ struct dyn_lease* FAST_FUNC add_lease(
 	if (oldest) {
 		oldest->hostname[0] = '\0';
 		if (hostname) {
-			/* option size byte, + 1 for NUL */
-        		hostname_length = hostname[-1] + 1;
-			if (hostname_length > sizeof(oldest->hostname))
-				hostname_length = sizeof(oldest->hostname);
-            		hostname = (uint8_t*) safe_strncpy((char*)oldest->hostname, (char*)hostname, hostname_length);
+			char *p;
+			if (hostname_len > sizeof(oldest->hostname))
+				hostname_len = sizeof(oldest->hostname);
+            		p = safe_strncpy(oldest->hostname, hostname, hostname_len);
 			/* sanitization (s/non-ASCII/^/g) */
-			while (*hostname) {
-				if (*hostname < ' ' || *hostname > 126)
-					*hostname = '^';
-				hostname++;
+			while (*p) {
+				if (*p < ' ' || *p > 126)
+					*p = '^';
+				p++;
 			}
 		}
 		memcpy(oldest->lease_mac, chaddr, 6);
@@ -137,7 +136,7 @@ static int nobody_responds_to_arp(uint32_t nip, const uint8_t *safe_mac)
 	temp.s_addr = nip;
 	bb_info_msg("%s belongs to someone, reserving it for %u seconds",
 		inet_ntoa(temp), (unsigned)server_config.conflict_time);
-	add_lease(blank_chaddr, nip, server_config.conflict_time, NULL);
+	add_lease(blank_chaddr, nip, server_config.conflict_time, NULL, 0);
 	return 0;
 }
 
diff --git a/networking/udhcp/serverpacket.c b/networking/udhcp/serverpacket.c
index c3724e0..b48e415 100644
--- a/networking/udhcp/serverpacket.c
+++ b/networking/udhcp/serverpacket.c
@@ -130,7 +130,8 @@ int FAST_FUNC send_offer(struct dhcp_packet *oldpacket)
 	uint32_t req_nip;
 	uint32_t lease_time_sec = server_config.max_lease_sec;
 	uint32_t static_lease_ip;
-	uint8_t *req_ip_opt, *p_host_name;
+	uint8_t *req_ip_opt;
+	const char *p_host_name;
 	struct option_set *curr;
 	struct in_addr addr;
 
@@ -173,8 +174,13 @@ int FAST_FUNC send_offer(struct dhcp_packet *oldpacket)
 			bb_error_msg("no IP addresses to give - OFFER abandoned");
 			return -1;
 		}
-		p_host_name = get_option(oldpacket, DHCP_HOST_NAME);
-		if (!add_lease(packet.chaddr, packet.yiaddr, server_config.offer_time, p_host_name)) {
+		p_host_name = (const char*) get_option(oldpacket, DHCP_HOST_NAME);
+		if (add_lease(packet.chaddr, packet.yiaddr,
+				server_config.offer_time,
+				p_host_name,
+				p_host_name ? (unsigned char)p_host_name[OPT_LEN - OPT_DATA] : 0
+			) == 0
+		) {
 			bb_error_msg("lease pool is full - OFFER abandoned");
 			return -1;
 		}
@@ -218,7 +224,7 @@ int FAST_FUNC send_ACK(struct dhcp_packet *oldpacket, uint32_t yiaddr)
 	struct option_set *curr;
 	uint32_t lease_time_sec;
 	struct in_addr addr;
-	uint8_t *p_host_name;
+	const char *p_host_name;
 
 	init_packet(&packet, oldpacket, DHCPACK);
 	packet.yiaddr = yiaddr;
@@ -242,8 +248,12 @@ int FAST_FUNC send_ACK(struct dhcp_packet *oldpacket, uint32_t yiaddr)
 	if (send_packet(&packet, 0) < 0)
 		return -1;
 
-	p_host_name = get_option(oldpacket, DHCP_HOST_NAME);
-	add_lease(packet.chaddr, packet.yiaddr, lease_time_sec, p_host_name);
+	p_host_name = (const char*) get_option(oldpacket, DHCP_HOST_NAME);
+	add_lease(packet.chaddr, packet.yiaddr,
+		lease_time_sec,
+		p_host_name,
+		p_host_name ? (unsigned char)p_host_name[OPT_LEN - OPT_DATA] : 0
+	);
 	if (ENABLE_FEATURE_UDHCPD_WRITE_LEASES_EARLY) {
 		/* rewrite the file with leases at every new acceptance */
 		write_leases();
-- 
1.6.3.3

More information about the busybox-cvs mailing list