diff options
Diffstat (limited to 'patches/source/dhcpcd')
-rw-r--r-- | patches/source/dhcpcd/COPYRIGHT | 26 | ||||
-rwxr-xr-x | patches/source/dhcpcd/dhcpcd.SlackBuild | 127 | ||||
-rw-r--r-- | patches/source/dhcpcd/dhcpcd.vararg.diff | 30 | ||||
-rw-r--r-- | patches/source/dhcpcd/patches/config.h.diff | 17 | ||||
-rw-r--r-- | patches/source/dhcpcd/patches/dhcpcd.8.in.diff | 12 | ||||
-rw-r--r-- | patches/source/dhcpcd/patches/dhcpcd.sh.diff | 17 | ||||
-rw-r--r-- | patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff | 346 | ||||
-rw-r--r-- | patches/source/dhcpcd/slack-desc | 19 |
8 files changed, 594 insertions, 0 deletions
diff --git a/patches/source/dhcpcd/COPYRIGHT b/patches/source/dhcpcd/COPYRIGHT new file mode 100644 index 000000000..07d9e683b --- /dev/null +++ b/patches/source/dhcpcd/COPYRIGHT @@ -0,0 +1,26 @@ +/* + * dhcpcd - DHCP client daemon + * Copyright 2006-2008 Roy Marples <roy@marples.name> + * All rights reserved + + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ diff --git a/patches/source/dhcpcd/dhcpcd.SlackBuild b/patches/source/dhcpcd/dhcpcd.SlackBuild new file mode 100755 index 000000000..75ec85a21 --- /dev/null +++ b/patches/source/dhcpcd/dhcpcd.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-3.2.3} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-dhcpcd + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf dhcpcd-$VERSION +tar xvf $CWD/dhcpcd-$VERSION.tar.bz2 || exit 1 +cd dhcpcd-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Sanitize shell metacharacters from strings provided by the DHCP server: +zcat $CWD/patches/dhcpcd3.sanitize_strings.diff.gz | patch -p1 --verbose || exit 1 + +# This changes the default locations where *.pid and other files are +# written - instead of various locations, use /etc/dhcpc +# The latter directory was long traditional, and (more importantly) +# you can't be sure that /var is mounted yet when dhcpcd is invoked. +zcat $CWD/patches/config.h.diff.gz | patch -p1 || exit 1 + +# Fixup the sample dhcpcd.sh script to reflect our changes +zcat $CWD/patches/dhcpcd.sh.diff.gz | patch -p1 || exit 1 + +# Fix a typo in the manpage +zcat $CWD/patches/dhcpcd.8.in.diff.gz | patch -p1 || exit 1 + +# Disable zeroconf support +# I'm not sure if this is necessary, to be honest. If we do this though, +# I think we'll want to edit the man page to remove references to it. +#sed -i 's%#define ENABLE_IPV4LL%#undef ENABLE_IPV4LL%' config.h + +# Fix segfaulting on x86_64. Apparently i?86 is more forgiving +#zcat $CWD/dhcpcd.vararg.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ + make INFODIR=/etc/dhcpc || exit 1 + +# We'll install this manually, as the only thing "make install" actually +# installs is the executable and the man page, and the man page goes to +# the wrong place :-) +mkdir -p $PKG/sbin +cp -a dhcpcd $PKG/sbin + +mkdir -p $PKG/usr/man/man8 +gzip -9c dhcpcd.8 > $PKG/usr/man/man8/dhcpcd.8.gz + +# This script (or its equivalent) has been installed non-executable for +# several dhcpcd releases leading me to believe this is intentional on the +# part of the developers. Indeed, the script is called a "sample" in the +# included comments, and there's been at least one security issue related +# to its use in the past, so it's probably a safer bet to not install it so +# that it works "out of the box". However, making it non-executable is not +# the best solution for this as it leads to error messages in the system +# logs which I hear about from time to time. Instead, we'll make it +# executable, but will give it a suffix of -sample so that dhcpcd won't +# attempt to run it unless the admin specifically configure it to do so. +# As far as I can tell it does nothing more than add some extra verbosity +# to the logs anyway, and rc.inet1 already does that. There's really no +# need that I can see to enable the script. +mkdir -p $PKG/etc/dhcpc +cp -a dhcpcd.sh $PKG/etc/dhcpc/dhcpcd.sh-sample +chmod 755 $PKG/etc/dhcpc/dhcpcd.sh-sample + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/dhcpcd-$VERSION +cp -a README $PKG/usr/doc/dhcpcd-$VERSION +zcat $CWD/COPYRIGHT.gz > $PKG/usr/doc/dhcpcd-$VERSION/COPYRIGHT + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/dhcpcd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/dhcpcd/dhcpcd.vararg.diff b/patches/source/dhcpcd/dhcpcd.vararg.diff new file mode 100644 index 000000000..b3ac81ca5 --- /dev/null +++ b/patches/source/dhcpcd/dhcpcd.vararg.diff @@ -0,0 +1,30 @@ +--- dhcpcd-2.0.8.orig/src/logger.c 2008-11-07 00:10:23.000000000 +0000 ++++ dhcpcd-2.0.8/src/logger.c 2008-11-07 00:13:46.000000000 +0000 +@@ -46,21 +46,25 @@ + { + va_list p; + va_list p2; ++ va_list p3; + FILE *f = stderr; + + va_start(p, fmt); + va_copy(p2, p); ++ va_copy(p3, p); + /* The default to send debug to stderr is just WAY too much console noise, IMHO */ + if(!Daemonized && strcmp(syslog_level_msg[level],"Info")) { + f = stdout; + /* fprintf(f, "%s, ", syslog_level_msg[level]); */ + vfprintf(f, fmt, p); + fputc('\n', f); +- vsyslog(level, fmt, p); ++ vsyslog(level, fmt, p2); + } + if ( level <= LogLevel ) +- vsyslog(level, fmt, p2); ++ vsyslog(level, fmt, p3); + va_end(p); ++ va_end(p2); ++ va_end(p3); + } + + // vim: set ts=4 : diff --git a/patches/source/dhcpcd/patches/config.h.diff b/patches/source/dhcpcd/patches/config.h.diff new file mode 100644 index 000000000..7bdefb600 --- /dev/null +++ b/patches/source/dhcpcd/patches/config.h.diff @@ -0,0 +1,17 @@ +diff -Nur dhcpcd-3.2.3.orig/config.h dhcpcd-3.2.3/config.h +--- dhcpcd-3.2.3.orig/config.h 2008-02-25 02:28:19.000000000 -0600 ++++ dhcpcd-3.2.3/config.h 2009-03-06 14:55:01.998436374 -0600 +@@ -71,10 +71,10 @@ + + #define OPENNTPFILE ETCDIR "/ntpd.conf" + +-#define DEFAULT_SCRIPT ETCDIR "/" PACKAGE ".sh" ++#define DEFAULT_SCRIPT INFODIR "/" PACKAGE ".sh" + +-#define STATEDIR "/var" +-#define PIDFILE STATEDIR "/run/" PACKAGE "-%s.pid" ++#define STATEDIR INFODIR ++#define PIDFILE INFODIR "/" PACKAGE "-%s.pid" + + #ifndef INFODIR + # define INFODIR "/var/lib/dhcpcd" diff --git a/patches/source/dhcpcd/patches/dhcpcd.8.in.diff b/patches/source/dhcpcd/patches/dhcpcd.8.in.diff new file mode 100644 index 000000000..7486c769a --- /dev/null +++ b/patches/source/dhcpcd/patches/dhcpcd.8.in.diff @@ -0,0 +1,12 @@ +diff -Nur dhcpcd-3.2.3.orig/dhcpcd.8.in dhcpcd-3.2.3/dhcpcd.8.in +--- dhcpcd-3.2.3.orig/dhcpcd.8.in 2008-02-25 02:28:19.000000000 -0600 ++++ dhcpcd-3.2.3/dhcpcd.8.in 2009-03-06 19:36:02.207109931 -0600 +@@ -117,7 +117,7 @@ + up, down or new depending on the state of + .Nm . + .Nm +-ignores the exist code of the script. ++ignores the exit code of the script. + .Ss Fine tuning + You can fine tune the behaviour of + .Nm diff --git a/patches/source/dhcpcd/patches/dhcpcd.sh.diff b/patches/source/dhcpcd/patches/dhcpcd.sh.diff new file mode 100644 index 000000000..290665a98 --- /dev/null +++ b/patches/source/dhcpcd/patches/dhcpcd.sh.diff @@ -0,0 +1,17 @@ +--- a/dhcpcd.sh 2009-03-06 19:22:41.247171672 -0600 ++++ b/dhcpcd.sh 2009-03-06 19:24:19.186014526 -0600 +@@ -1,10 +1,10 @@ + #!/bin/sh + # +-# This is a sample /etc/dhcpcd.sh script. +-# /etc/dhcpcd.sh script is executed by dhcpcd daemon ++# This is a sample /etc/dhcpc/dhcpcd.sh script. ++# /etc/dhcpc/dhcpcd.sh script is executed by dhcpcd daemon + # any time it configures or shuts down interface. +-# The following parameters are passed to dhcpcd.exe script: +-# $1 = HostInfoFilePath, e.g "/var/lib/dhcpcd/dhcpcd-eth0.info" ++# The following parameters are passed to the dhcpcd.sh script: ++# $1 = HostInfoFilePath, e.g "/etc/dhcpc/dhcpcd-eth0.info" + # $2 = "up" if interface has been configured with the same + # IP address as before reboot; + # $2 = "down" if interface has been shut down; diff --git a/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff b/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff new file mode 100644 index 000000000..406846f3f --- /dev/null +++ b/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff @@ -0,0 +1,346 @@ +From 1e664b472a2a915ad31567de729ee0a521db93d0 Mon Sep 17 00:00:00 2001 +From: Marius Tomaschewski <mt@suse.de> +Date: Thu, 17 Mar 2011 22:18:16 +0100 +Subject: [PATCH] Discard string options with incorrect values + +Discard string options such as host and domain names +containing disallowed characters or beeing too long. +This proctive patch limits root-path to the a-zA-Z0-9, +space and the #%+-_:.,@~/\[]= characters. + +Signed-off-by: Marius Tomaschewski <mt@suse.de> +--- + configure.c | 15 +++--- + dhcp.c | 160 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- + dhcp.h | 8 +++ + dhcpcd.c | 9 +++- + 4 files changed, 177 insertions(+), 15 deletions(-) + +diff --git a/configure.c b/configure.c +index 0969f73..24dd6e8 100644 +--- a/configure.c ++++ b/configure.c +@@ -453,7 +453,7 @@ static char *lookuphostname (char *hostname, const dhcp_t *dhcp, + char *addr; + struct addrinfo hints; + struct addrinfo *res = NULL; +- int result; ++ int result, check; + char *p; + + logger (LOG_DEBUG, "Looking up hostname via DNS"); +@@ -479,9 +479,10 @@ static char *lookuphostname (char *hostname, const dhcp_t *dhcp, + result = getaddrinfo (addr, "0", &hints, &res); + if (res) + freeaddrinfo (res); +- if (result == 0) ++ check = check_domain_name(addr, strlen(addr), 0); ++ if (result == 0 || check != 0) + logger (LOG_ERR, "malicious PTR record detected"); +- if (result == 0 || ! *addr) { ++ if (result == 0 || ! *addr || check != 0) { + free (addr); + return (NULL); + } +@@ -758,12 +759,12 @@ int configure (const options_t *options, interface_t *iface, + #endif + + curhostname = xmalloc (sizeof (char) * MAXHOSTNAMELEN); +- *curhostname = '\0'; ++ memset(curhostname, 0, MAXHOSTNAMELEN); + +- gethostname (curhostname, MAXHOSTNAMELEN); ++ gethostname (curhostname, MAXHOSTNAMELEN - 1); ++ curhostname[MAXHOSTNAMELEN - 1] = '\0'; + if (options->dohostname || +- strlen (curhostname) == 0 || +- strcmp (curhostname, "(none)") == 0 || ++ check_domain_name(curhostname, strlen (curhostname), 0) != 0 || + strcmp (curhostname, "localhost") == 0) + { + newhostname = xmalloc (sizeof (char) * MAXHOSTNAMELEN); +diff --git a/dhcp.c b/dhcp.c +index 8ed66da..5165078 100644 +--- a/dhcp.c ++++ b/dhcp.c +@@ -41,6 +41,8 @@ + #include <stdint.h> + #include <stdlib.h> + #include <string.h> ++#include <stddef.h> ++#include <ctype.h> + + #include "config.h" + +@@ -618,6 +620,106 @@ static struct route_head *decode_routers (const unsigned char *data, int length) + return (head); + } + ++int check_domain_name(const char *ptr, size_t len, int dots) ++{ ++ const char *p; ++ ++ /* not empty or complete length not over 255 characters */ ++ if (len == 0 || len > 256) ++ return -1; ++ ++ /* consists of [[:alnum:]-]+ labels separated by [.] */ ++ /* a [_] is against RFC but seems to be "widely used"... */ ++ for (p=ptr; *p && len-- > 0; p++) { ++ if ( *p == '-' || *p == '_') { ++ /* not allowed at begin or end of a label */ ++ if ((p - ptr) == 0 || len == 0 || p[1] == '.') ++ return -1; ++ } else ++ if ( *p == '.') { ++ /* each label has to be 1-63 characters; ++ we allow [.] at the end ('foo.bar.') */ ++ ptrdiff_t d = p - ptr; ++ if( d <= 0 || d >= 64) ++ return -1; ++ ptr = p + 1; /* jump to the next label */ ++ if(dots > 0 && len > 0) ++ dots--; ++ } else ++ if ( !isalnum((int)*p)) { ++ /* also numbers at the begin are fine */ ++ return -1; ++ } ++ } ++ return dots ? -1 : 0; ++} ++ ++int check_domain_name_list(const char *ptr, size_t len, int dots) ++{ ++ const char *p; ++ int ret = -1; /* at least one needed */ ++ ++ if (!ptr || !len) ++ return -1; ++ ++ for (p=ptr; *p && len > 0; p++, len--) { ++ if (*p != ' ') ++ continue; ++ if (p > ptr) { ++ if (check_domain_name(ptr, p - ptr, dots) != 0) ++ return -1; ++ ret = 0; ++ } ++ ptr = p + 1; ++ } ++ if (p > ptr) ++ return check_domain_name(ptr, p - ptr, dots); ++ else ++ return ret; ++} ++ ++int check_dhcpoption(unsigned char option, const char *ptr, size_t len) ++{ ++ if( !ptr) ++ return -1; ++ ++ switch (option) { ++ case DHCP_NETBIOSNODETYPE: ++ if(len == 1 && ((int)*ptr == 1 || (int)*ptr == 2 || ++ (int)*ptr == 4 || (int)*ptr == 8)) ++ return 0; ++ break; ++ case DHCP_HOSTNAME: ++ case DHCP_DNSDOMAIN: ++ case DHCP_NISDOMAIN: ++ case DHCP_NETBIOSSCOPE: ++ return check_domain_name(ptr, len, 0); ++ break; ++ case DHCP_SIPSERVER: ++ case DHCP_DNSSEARCH: ++ return check_domain_name_list(ptr, len, 0); ++ break; ++ case DHCP_ROOTPATH: ++ if( len == 0) ++ return -1; ++ for (; *ptr && len-- > 0; ptr++) { ++ if( !(isalnum((int)*ptr) || ++ *ptr == '#' || *ptr == '%' || ++ *ptr == '+' || *ptr == '-' || ++ *ptr == '_' || *ptr == ':' || ++ *ptr == '.' || *ptr == ',' || ++ *ptr == '@' || *ptr == '~' || ++ *ptr == '\\' || *ptr == '/' || ++ *ptr == '[' || *ptr == ']' || ++ *ptr == '=' || *ptr == ' ')) ++ return -1; ++ } ++ return 0; ++ break; ++ } ++ return -1; ++} ++ + int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message) + { + const unsigned char *p = message->options; +@@ -646,8 +748,16 @@ int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message) + dhcp->leasedfrom = tv.tv_sec; + dhcp->frominfo = false; + dhcp->address.s_addr = message->yiaddr; +- strlcpy (dhcp->servername, (char *) message->servername, +- sizeof (dhcp->servername)); ++ if (message->servername[0] != '\0' && ++ check_domain_name((const char *)message->servername, ++ strlen((const char *)message->servername), 0) != 0) ++ { ++ logger (LOG_ERR, "suspect value in SERVERNAME - discarded"); ++ dhcp->servername[0] = '\0'; ++ } else { ++ strlcpy (dhcp->servername, (char *) message->servername, ++ sizeof (dhcp->servername)); ++ } + + #define LEN_ERR \ + { \ +@@ -768,10 +878,20 @@ parse_start: + memcpy (_var, p, (size_t) length); \ + memset (_var + length, 0, 1); \ + } ++#define CHECKOPT(_opt,_var) \ ++ if(check_dhcpoption(_opt, (const char *)p, length) != 0) { \ ++ logger (LOG_ERR, "suspect value in option %s - discarded", #_opt); \ ++ if (_var) free (_var); \ ++ _var = NULL; \ ++ } + case DHCP_HOSTNAME: ++ CHECKOPT (DHCP_HOSTNAME, dhcp->hostname) ++ else + GETSTR (dhcp->hostname); + break; + case DHCP_DNSDOMAIN: ++ CHECKOPT (DHCP_DNSDOMAIN, dhcp->dnsdomain) ++ else + GETSTR (dhcp->dnsdomain); + break; + case DHCP_MESSAGE: +@@ -779,11 +899,15 @@ parse_start: + break; + #ifdef ENABLE_INFO + case DHCP_ROOTPATH: ++ CHECKOPT (DHCP_ROOTPATH, dhcp->rootpath) ++ else + GETSTR (dhcp->rootpath); + break; + #endif + #ifdef ENABLE_NIS + case DHCP_NISDOMAIN: ++ CHECKOPT (DHCP_NISDOMAIN, dhcp->nisdomain) ++ else + GETSTR (dhcp->nisdomain); + break; + #endif +@@ -814,11 +938,21 @@ parse_start: + case DHCP_DNSSEARCH: + MIN_LENGTH (1); + free (dhcp->dnssearch); ++ dhcp->dnssearch = NULL; + len = decode_search (p, length, NULL); + if (len > 0) { +- dhcp->dnssearch = xmalloc (len); +- decode_search (p, length, +- dhcp->dnssearch); ++ char *str = xmalloc (len); ++ decode_search (p, length, str); ++ if(check_dhcpoption(DHCP_DNSSEARCH, ++ str, len - 1) != 0) { ++ logger (LOG_ERR, ++ "suspect value in " ++ "option %s - discarded", ++ "DHCP_DNSSEARCH"); ++ free(str); ++ } else { ++ dhcp->dnssearch = str; ++ } + } + break; + +@@ -837,7 +971,20 @@ parse_start: + #ifdef ENABLE_INFO + case DHCP_SIPSERVER: + free (dhcp->sipservers); +- dhcp->sipservers = decode_sipservers (p,length); ++ dhcp->sipservers = NULL; ++ { ++ char *str = decode_sipservers (p,length); ++ if(check_dhcpoption(DHCP_SIPSERVER, ++ str, strlen(str)) != 0) { ++ logger (LOG_ERR, ++ "suspect value in " ++ "option %s - discarded", ++ "DHCP_SIPSERVER"); ++ free(str); ++ } else { ++ dhcp->sipservers = str; ++ } ++ } + break; + #endif + +@@ -873,6 +1020,7 @@ parse_start: + #undef LENGTH + #undef MIN_LENGTH + #undef MULT_LENGTH ++#undef CHECKOPT + + default: + logger (LOG_DEBUG, +diff --git a/dhcp.h b/dhcp.h +index cc66d13..d2cdc45 100644 +--- a/dhcp.h ++++ b/dhcp.h +@@ -86,6 +86,10 @@ enum DHCP_OPTIONS + DHCP_NISDOMAIN = 40, + DHCP_NISSERVER = 41, + DHCP_NTPSERVER = 42, ++ DHCP_NETBIOSNAMESERVER = 44, ++ DHCP_NETBIOSDDSERVER = 45, ++ DHCP_NETBIOSNODETYPE = 46, ++ DHCP_NETBIOSSCOPE = 47, + DHCP_ADDRESS = 50, + DHCP_LEASETIME = 51, + DHCP_OPTIONSOVERLOADED = 52, +@@ -213,4 +217,8 @@ ssize_t send_message (const interface_t *iface, const dhcp_t *dhcp, + void free_dhcp (dhcp_t *dhcp); + int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message); + ++int check_dhcpoption (unsigned char option, const char *ptr, size_t len); ++int check_domain_name(const char *ptr, size_t len, int dots); ++int check_domain_name_list(const char *ptr, size_t len, int dots); ++ + #endif +diff --git a/dhcpcd.c b/dhcpcd.c +index e101847..318dd7f 100644 +--- a/dhcpcd.c ++++ b/dhcpcd.c +@@ -178,8 +178,10 @@ int main(int argc, char **argv) + options->doduid = true; + options->timeout = DEFAULT_TIMEOUT; + +- gethostname (options->hostname, sizeof (options->hostname)); +- if (strcmp (options->hostname, "(none)") == 0 || ++ memset (options->hostname, 0, sizeof (options->hostname)); ++ gethostname (options->hostname, sizeof (options->hostname) - 1); ++ options->hostname[sizeof (options->hostname) - 1] = '\0'; ++ if (check_domain_name(options->hostname, strlen(options->hostname), 0) != 0 || + strcmp (options->hostname, "localhost") == 0) + memset (options->hostname, 0, sizeof (options->hostname)); + +@@ -228,6 +230,9 @@ int main(int argc, char **argv) + "`%s' too long for HostName string, max is %d", + optarg, MAXHOSTNAMELEN); + goto abort; ++ } else if(check_domain_name(optarg, strlen(optarg), 0) != 0) { ++ logger (LOG_ERR, "suspect string in hostname argument"); ++ goto abort; + } else + strlcpy (options->hostname, optarg, + sizeof (options->hostname)); +-- +1.7.1 + diff --git a/patches/source/dhcpcd/slack-desc b/patches/source/dhcpcd/slack-desc new file mode 100644 index 000000000..04859d7cb --- /dev/null +++ b/patches/source/dhcpcd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +dhcpcd: dhcpcd (DHCP client daemon) +dhcpcd: +dhcpcd: The DHCP client program dhcpcd is used to connect to a network by +dhcpcd: contacting a DHCP server. dhcpcd gets an IP address and other +dhcpcd: information from a corresponding DHCP server, configures the network +dhcpcd: interface automatically, and tries to renew the lease time according +dhcpcd: to RFC2131 or RFC1541 depending on the command line option. +dhcpcd: +dhcpcd: +dhcpcd: +dhcpcd: |