8 files changed, 594 insertions, 0 deletions
diff --git a/patches/source/dhcpcd/COPYRIGHT b/patches/source/dhcpcd/COPYRIGHT
new file mode 100644
index 000000000..07d9e683b
--- /dev/null
+++ b/patches/source/dhcpcd/COPYRIGHT
@@ -0,0 +1,26 @@
+/*
+ * dhcpcd - DHCP client daemon
+ * Copyright 2006-2008 Roy Marples <roy@marples.name>
+ * All rights reserved
+
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
diff --git a/patches/source/dhcpcd/dhcpcd.SlackBuild b/patches/source/dhcpcd/dhcpcd.SlackBuild
new file mode 100755
index 000000000..75ec85a21
--- /dev/null
+++ b/patches/source/dhcpcd/dhcpcd.SlackBuild
@@ -0,0 +1,127 @@
+#!/bin/sh
+
+# Copyright 2008, 2009, 2011  Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+VERSION=${VERSION:-3.2.3}
+BUILD=${BUILD:-2_slack13.0}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) export ARCH=i486 ;;
+    arm*) export ARCH=arm ;;
+    # Unless $ARCH is already set, use uname -m for all other archs:
+       *) export ARCH=$( uname -m ) ;;
+  esac
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-dhcpcd
+
+if [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "s390" ]; then
+  SLKCFLAGS="-O2"
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+fi
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+cd $TMP
+rm -rf dhcpcd-$VERSION
+tar xvf $CWD/dhcpcd-$VERSION.tar.bz2 || exit 1
+cd dhcpcd-$VERSION
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# Sanitize shell metacharacters from strings provided by the DHCP server:
+zcat $CWD/patches/dhcpcd3.sanitize_strings.diff.gz | patch -p1 --verbose || exit 1
+
+# This changes the default locations where *.pid and other files are
+# written - instead of various locations, use /etc/dhcpc
+# The latter directory was long traditional, and (more importantly) 
+# you can't be sure that /var is mounted yet when dhcpcd is invoked.
+zcat $CWD/patches/config.h.diff.gz | patch -p1 || exit 1
+
+# Fixup the sample dhcpcd.sh script to reflect our changes
+zcat $CWD/patches/dhcpcd.sh.diff.gz | patch -p1 || exit 1
+
+# Fix a typo in the manpage
+zcat $CWD/patches/dhcpcd.8.in.diff.gz | patch -p1 || exit 1
+
+# Disable zeroconf support
+# I'm not sure if this is necessary, to be honest.  If we do this though,
+# I think we'll want to edit the man page to remove references to it.
+#sed -i 's%#define ENABLE_IPV4LL%#undef ENABLE_IPV4LL%' config.h
+
+# Fix segfaulting on x86_64. Apparently i?86 is more forgiving
+#zcat $CWD/dhcpcd.vararg.diff.gz | patch -p1 --verbose || exit 1
+
+CFLAGS="$SLKCFLAGS" \
+  make INFODIR=/etc/dhcpc || exit 1
+
+# We'll install this manually, as the only thing "make install" actually
+# installs is the executable and the man page, and the man page goes to
+# the wrong place :-)
+mkdir -p $PKG/sbin
+cp -a dhcpcd $PKG/sbin
+
+mkdir -p $PKG/usr/man/man8
+gzip -9c dhcpcd.8 > $PKG/usr/man/man8/dhcpcd.8.gz
+
+# This script (or its equivalent) has been installed non-executable for 
+# several dhcpcd releases leading me to believe this is intentional on the 
+# part of the developers.  Indeed, the script is called a "sample" in the 
+# included comments, and there's been at least one security issue related 
+# to its use in the past, so it's probably a safer bet to not install it so 
+# that it works "out of the box".  However, making it non-executable is not 
+# the best solution for this as it leads to error messages in the system 
+# logs which I hear about from time to time.  Instead, we'll make it 
+# executable, but will give it a suffix of -sample so that dhcpcd won't 
+# attempt to run it unless the admin specifically configure it to do so.
+# As far as I can tell it does nothing more than add some extra verbosity 
+# to the logs anyway, and rc.inet1 already does that.  There's really no
+# need that I can see to enable the script.
+mkdir -p $PKG/etc/dhcpc
+cp -a dhcpcd.sh $PKG/etc/dhcpc/dhcpcd.sh-sample
+chmod 755 $PKG/etc/dhcpc/dhcpcd.sh-sample
+
+find $PKG | xargs file | grep -e "executable" -e "shared object" \
+  | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+mkdir -p $PKG/usr/doc/dhcpcd-$VERSION
+cp -a README $PKG/usr/doc/dhcpcd-$VERSION
+zcat $CWD/COPYRIGHT.gz > $PKG/usr/doc/dhcpcd-$VERSION/COPYRIGHT
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/dhcpcd-$VERSION-$ARCH-$BUILD.txz
+
diff --git a/patches/source/dhcpcd/dhcpcd.vararg.diff b/patches/source/dhcpcd/dhcpcd.vararg.diff
new file mode 100644
index 000000000..b3ac81ca5
--- /dev/null
+++ b/patches/source/dhcpcd/dhcpcd.vararg.diff
@@ -0,0 +1,30 @@
+--- dhcpcd-2.0.8.orig/src/logger.c	2008-11-07 00:10:23.000000000 +0000
++++ dhcpcd-2.0.8/src/logger.c	2008-11-07 00:13:46.000000000 +0000
+@@ -46,21 +46,25 @@
+ {
+   va_list p;
+   va_list p2;
++  va_list p3;
+   FILE *f = stderr;
+ 
+   va_start(p, fmt);
+   va_copy(p2, p);
++  va_copy(p3, p);
+   /* The default to send debug to stderr is just WAY too much console noise, IMHO */
+   if(!Daemonized && strcmp(syslog_level_msg[level],"Info")) {
+         f = stdout;
+         /* fprintf(f, "%s, ", syslog_level_msg[level]); */
+ 	vfprintf(f, fmt, p);
+ 	fputc('\n', f);
+-	vsyslog(level, fmt, p);
++	vsyslog(level, fmt, p2);
+   }
+   if ( level <= LogLevel )
+-	vsyslog(level, fmt, p2);
++	vsyslog(level, fmt, p3);
+   va_end(p);
++  va_end(p2);
++  va_end(p3);
+ }
+ 
+ // vim: set ts=4 :
diff --git a/patches/source/dhcpcd/patches/config.h.diff b/patches/source/dhcpcd/patches/config.h.diff
new file mode 100644
index 000000000..7bdefb600
--- /dev/null
+++ b/patches/source/dhcpcd/patches/config.h.diff
@@ -0,0 +1,17 @@
+diff -Nur dhcpcd-3.2.3.orig/config.h dhcpcd-3.2.3/config.h
+--- dhcpcd-3.2.3.orig/config.h	2008-02-25 02:28:19.000000000 -0600
++++ dhcpcd-3.2.3/config.h	2009-03-06 14:55:01.998436374 -0600
+@@ -71,10 +71,10 @@
+ 
+ #define OPENNTPFILE         ETCDIR "/ntpd.conf"
+ 
+-#define DEFAULT_SCRIPT      ETCDIR "/" PACKAGE ".sh"
++#define DEFAULT_SCRIPT      INFODIR "/" PACKAGE ".sh"
+ 
+-#define STATEDIR            "/var"
+-#define PIDFILE             STATEDIR "/run/" PACKAGE "-%s.pid"
++#define STATEDIR            INFODIR
++#define PIDFILE             INFODIR "/" PACKAGE "-%s.pid"
+ 
+ #ifndef INFODIR
+ # define INFODIR            "/var/lib/dhcpcd"
diff --git a/patches/source/dhcpcd/patches/dhcpcd.8.in.diff b/patches/source/dhcpcd/patches/dhcpcd.8.in.diff
new file mode 100644
index 000000000..7486c769a
--- /dev/null
+++ b/patches/source/dhcpcd/patches/dhcpcd.8.in.diff
@@ -0,0 +1,12 @@
+diff -Nur dhcpcd-3.2.3.orig/dhcpcd.8.in dhcpcd-3.2.3/dhcpcd.8.in
+--- dhcpcd-3.2.3.orig/dhcpcd.8.in	2008-02-25 02:28:19.000000000 -0600
++++ dhcpcd-3.2.3/dhcpcd.8.in	2009-03-06 19:36:02.207109931 -0600
+@@ -117,7 +117,7 @@
+ up, down or new depending on the state of
+ .Nm .
+ .Nm
+-ignores the exist code of the script.
++ignores the exit code of the script.
+ .Ss Fine tuning
+ You can fine tune the behaviour of
+ .Nm
diff --git a/patches/source/dhcpcd/patches/dhcpcd.sh.diff b/patches/source/dhcpcd/patches/dhcpcd.sh.diff
new file mode 100644
index 000000000..290665a98
--- /dev/null
+++ b/patches/source/dhcpcd/patches/dhcpcd.sh.diff
@@ -0,0 +1,17 @@
+--- a/dhcpcd.sh	2009-03-06 19:22:41.247171672 -0600
++++ b/dhcpcd.sh	2009-03-06 19:24:19.186014526 -0600
+@@ -1,10 +1,10 @@
+ #!/bin/sh
+ #
+-#  This is a sample /etc/dhcpcd.sh script.
+-#  /etc/dhcpcd.sh script is executed by dhcpcd daemon
++#  This is a sample /etc/dhcpc/dhcpcd.sh script.
++#  /etc/dhcpc/dhcpcd.sh script is executed by dhcpcd daemon
+ #  any time it configures or shuts down interface.
+-#  The following parameters are passed to dhcpcd.exe script:
+-#  $1 = HostInfoFilePath, e.g  "/var/lib/dhcpcd/dhcpcd-eth0.info"
++#  The following parameters are passed to the dhcpcd.sh script:
++#  $1 = HostInfoFilePath, e.g  "/etc/dhcpc/dhcpcd-eth0.info"
+ #  $2 = "up" if interface has been configured with the same
+ #       IP address as before reboot;
+ #  $2 = "down" if interface has been shut down;
diff --git a/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff b/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff
new file mode 100644
index 000000000..406846f3f
--- /dev/null
+++ b/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff
@@ -0,0 +1,346 @@
+From 1e664b472a2a915ad31567de729ee0a521db93d0 Mon Sep 17 00:00:00 2001
+From: Marius Tomaschewski <mt@suse.de>
+Date: Thu, 17 Mar 2011 22:18:16 +0100
+Subject: [PATCH] Discard string options with incorrect values
+
+Discard string options such as host and domain names
+containing disallowed characters or beeing too long.
+This proctive patch limits root-path to the a-zA-Z0-9,
+space and the #%+-_:.,@~/\[]= characters.
+
+Signed-off-by: Marius Tomaschewski <mt@suse.de>
+---
+ configure.c |   15 +++---
+ dhcp.c      |  160 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
+ dhcp.h      |    8 +++
+ dhcpcd.c    |    9 +++-
+ 4 files changed, 177 insertions(+), 15 deletions(-)
+
+diff --git a/configure.c b/configure.c
+index 0969f73..24dd6e8 100644
+--- a/configure.c
++++ b/configure.c
+@@ -453,7 +453,7 @@ static char *lookuphostname (char *hostname, const dhcp_t *dhcp,
+ 	char *addr;
+ 	struct addrinfo hints;
+ 	struct addrinfo *res = NULL;
+-	int result;
++	int result, check;
+ 	char *p;
+ 
+ 	logger (LOG_DEBUG, "Looking up hostname via DNS");
+@@ -479,9 +479,10 @@ static char *lookuphostname (char *hostname, const dhcp_t *dhcp,
+ 	result = getaddrinfo (addr, "0", &hints, &res);
+ 	if (res)
+ 		freeaddrinfo (res);
+-	if (result == 0)
++	check = check_domain_name(addr, strlen(addr), 0);
++	if (result == 0 || check != 0)
+ 		logger (LOG_ERR, "malicious PTR record detected");
+-	if (result == 0 || ! *addr) {
++	if (result == 0 || ! *addr || check != 0) {
+ 		free (addr);
+ 		return (NULL);
+ 	}
+@@ -758,12 +759,12 @@ int configure (const options_t *options, interface_t *iface,
+ #endif
+ 
+ 	curhostname = xmalloc (sizeof (char) * MAXHOSTNAMELEN);
+-	*curhostname = '\0';
++	memset(curhostname, 0, MAXHOSTNAMELEN);
+ 
+-	gethostname (curhostname, MAXHOSTNAMELEN);
++	gethostname (curhostname, MAXHOSTNAMELEN - 1);
++	curhostname[MAXHOSTNAMELEN - 1] = '\0';
+ 	if (options->dohostname ||
+-	    strlen (curhostname) == 0 ||
+-	    strcmp (curhostname, "(none)") == 0 ||
++	    check_domain_name(curhostname, strlen (curhostname), 0) != 0 ||
+ 	    strcmp (curhostname, "localhost") == 0)
+ 	{
+ 		newhostname = xmalloc (sizeof (char) * MAXHOSTNAMELEN);
+diff --git a/dhcp.c b/dhcp.c
+index 8ed66da..5165078 100644
+--- a/dhcp.c
++++ b/dhcp.c
+@@ -41,6 +41,8 @@
+ #include <stdint.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <stddef.h>
++#include <ctype.h>
+ 
+ #include "config.h"
+ 
+@@ -618,6 +620,106 @@ static struct route_head *decode_routers (const unsigned char *data, int length)
+ 	return (head);
+ }
+ 
++int check_domain_name(const char *ptr, size_t len, int dots)
++{
++	const char *p;
++
++	/* not empty or complete length not over 255 characters   */
++	if (len == 0 || len > 256)
++		return -1;
++
++	/* consists of [[:alnum:]-]+ labels separated by [.]      */
++	/* a [_] is against RFC but seems to be "widely used"...  */
++	for (p=ptr; *p && len-- > 0; p++) {
++		if ( *p == '-' || *p == '_') {
++			/* not allowed at begin or end of a label */
++			if ((p - ptr) == 0 || len == 0 || p[1] == '.')
++				return -1;
++		} else
++		if ( *p == '.') {
++			/* each label has to be 1-63 characters;
++			   we allow [.] at the end ('foo.bar.')   */
++			ptrdiff_t d = p - ptr;
++			if( d <= 0 || d >= 64)
++				return -1;
++			ptr = p + 1; /* jump to the next label    */
++			if(dots > 0 && len > 0)
++				dots--;
++		} else
++		if ( !isalnum((int)*p)) {
++			/* also numbers at the begin are fine     */
++			return -1;
++		}
++	}
++	return dots ? -1 : 0;
++}
++
++int check_domain_name_list(const char *ptr, size_t len, int dots)
++{
++	const char *p;
++	int ret = -1; /* at least one needed */
++
++	if (!ptr || !len)
++		return -1;
++
++	for (p=ptr; *p && len > 0; p++, len--) {
++		if (*p != ' ')
++			continue;
++		if (p > ptr) {
++			if (check_domain_name(ptr, p - ptr, dots) != 0)
++				return -1;
++			ret = 0;
++		}
++		ptr = p + 1;
++	}
++	if (p > ptr)
++		return check_domain_name(ptr, p - ptr, dots);
++	else
++		return ret;
++}
++
++int check_dhcpoption(unsigned char option, const char *ptr, size_t len)
++{
++	if( !ptr)
++		return -1;
++
++	switch (option) {
++		case DHCP_NETBIOSNODETYPE:
++			if(len == 1 && ((int)*ptr == 1 || (int)*ptr == 2 ||
++					(int)*ptr == 4 || (int)*ptr == 8))
++				return 0;
++		break;
++		case DHCP_HOSTNAME:
++		case DHCP_DNSDOMAIN:
++		case DHCP_NISDOMAIN:
++		case DHCP_NETBIOSSCOPE:
++			return check_domain_name(ptr, len, 0);
++		break;
++		case DHCP_SIPSERVER:
++		case DHCP_DNSSEARCH:
++			return check_domain_name_list(ptr, len, 0);
++		break;
++		case DHCP_ROOTPATH:
++			if( len == 0)
++				return -1;
++			for (; *ptr && len-- > 0; ptr++) {
++				if( !(isalnum((int)*ptr) ||
++					*ptr == '#'  || *ptr == '%' ||
++					*ptr == '+'  || *ptr == '-' ||
++					*ptr == '_'  || *ptr == ':' ||
++					*ptr == '.'  || *ptr == ',' ||
++					*ptr == '@'  || *ptr == '~' ||
++					*ptr == '\\' || *ptr == '/' ||
++					*ptr == '['  || *ptr == ']' ||
++					*ptr == '='  || *ptr == ' '))
++					return -1;
++			}
++			return 0;
++		break;
++	}
++	return -1;
++}
++
+ int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message)
+ {
+ 	const unsigned char *p = message->options;
+@@ -646,8 +748,16 @@ int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message)
+ 	dhcp->leasedfrom = tv.tv_sec;
+ 	dhcp->frominfo = false;
+ 	dhcp->address.s_addr = message->yiaddr;
+-	strlcpy (dhcp->servername, (char *) message->servername,
+-		 sizeof (dhcp->servername));
++	if (message->servername[0] != '\0' &&
++		check_domain_name((const char *)message->servername,
++			strlen((const char *)message->servername), 0) != 0)
++	{
++		logger (LOG_ERR, "suspect value in SERVERNAME - discarded");
++		dhcp->servername[0] = '\0';
++	} else {
++		strlcpy (dhcp->servername, (char *) message->servername,
++			 sizeof (dhcp->servername));
++	}
+ 
+ #define LEN_ERR \
+ 	{ \
+@@ -768,10 +878,20 @@ parse_start:
+ 	memcpy (_var, p, (size_t) length); \
+ 	memset (_var + length, 0, 1); \
+ }
++#define CHECKOPT(_opt,_var) \
++	if(check_dhcpoption(_opt, (const char *)p, length) != 0) { \
++		logger (LOG_ERR, "suspect value in option %s - discarded", #_opt); \
++		if (_var) free (_var); \
++		_var = NULL; \
++	}
+ 			case DHCP_HOSTNAME:
++				CHECKOPT (DHCP_HOSTNAME, dhcp->hostname)
++				else
+ 				GETSTR (dhcp->hostname);
+ 				break;
+ 			case DHCP_DNSDOMAIN:
++				CHECKOPT (DHCP_DNSDOMAIN, dhcp->dnsdomain)
++				else
+ 				GETSTR (dhcp->dnsdomain);
+ 				break;
+ 			case DHCP_MESSAGE:
+@@ -779,11 +899,15 @@ parse_start:
+ 				break;
+ #ifdef ENABLE_INFO
+ 			case DHCP_ROOTPATH:
++				CHECKOPT (DHCP_ROOTPATH, dhcp->rootpath)
++				else
+ 				GETSTR (dhcp->rootpath);
+ 				break;
+ #endif
+ #ifdef ENABLE_NIS
+ 			case DHCP_NISDOMAIN:
++				CHECKOPT (DHCP_NISDOMAIN, dhcp->nisdomain)
++				else
+ 				GETSTR (dhcp->nisdomain);
+ 				break;
+ #endif
+@@ -814,11 +938,21 @@ parse_start:
+ 			case DHCP_DNSSEARCH:
+ 				MIN_LENGTH (1);
+ 				free (dhcp->dnssearch);
++				dhcp->dnssearch = NULL;
+ 				len = decode_search (p, length, NULL);
+ 				if (len > 0) {
+-					dhcp->dnssearch = xmalloc (len);
+-					decode_search (p, length,
+-						       dhcp->dnssearch);
++					char *str = xmalloc (len);
++					decode_search (p, length, str);
++					if(check_dhcpoption(DHCP_DNSSEARCH,
++						str, len - 1) != 0) {
++						logger (LOG_ERR,
++							"suspect value in "
++							"option %s - discarded",
++							"DHCP_DNSSEARCH");
++						free(str);
++					} else {
++						dhcp->dnssearch = str;
++					}
+ 				}
+ 				break;
+ 
+@@ -837,7 +971,20 @@ parse_start:
+ #ifdef ENABLE_INFO
+ 			case DHCP_SIPSERVER:
+ 				free (dhcp->sipservers);
+-				dhcp->sipservers = decode_sipservers (p,length);
++				dhcp->sipservers = NULL;
++				{
++					char *str = decode_sipservers (p,length);
++					if(check_dhcpoption(DHCP_SIPSERVER,
++						str, strlen(str)) != 0) {
++						logger (LOG_ERR,
++							"suspect value in "
++							"option %s - discarded",
++							"DHCP_SIPSERVER");
++						free(str);
++					} else {
++						dhcp->sipservers = str;
++					}
++				}
+ 				break;
+ #endif
+ 
+@@ -873,6 +1020,7 @@ parse_start:
+ #undef LENGTH
+ #undef MIN_LENGTH
+ #undef MULT_LENGTH
++#undef CHECKOPT
+ 
+ 			default:
+ 				logger (LOG_DEBUG,
+diff --git a/dhcp.h b/dhcp.h
+index cc66d13..d2cdc45 100644
+--- a/dhcp.h
++++ b/dhcp.h
+@@ -86,6 +86,10 @@ enum DHCP_OPTIONS
+ 	DHCP_NISDOMAIN              = 40,
+ 	DHCP_NISSERVER              = 41,
+ 	DHCP_NTPSERVER              = 42,
++	DHCP_NETBIOSNAMESERVER      = 44,
++	DHCP_NETBIOSDDSERVER        = 45,
++	DHCP_NETBIOSNODETYPE        = 46,
++	DHCP_NETBIOSSCOPE           = 47,
+ 	DHCP_ADDRESS                = 50,
+ 	DHCP_LEASETIME              = 51,
+ 	DHCP_OPTIONSOVERLOADED      = 52,
+@@ -213,4 +217,8 @@ ssize_t send_message (const interface_t *iface, const dhcp_t *dhcp,
+ void free_dhcp (dhcp_t *dhcp);
+ int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message);
+ 
++int check_dhcpoption (unsigned char option, const char *ptr, size_t len);
++int check_domain_name(const char *ptr, size_t len, int dots);
++int check_domain_name_list(const char *ptr, size_t len, int dots);
++
+ #endif
+diff --git a/dhcpcd.c b/dhcpcd.c
+index e101847..318dd7f 100644
+--- a/dhcpcd.c
++++ b/dhcpcd.c
+@@ -178,8 +178,10 @@ int main(int argc, char **argv)
+ 	options->doduid = true;
+ 	options->timeout = DEFAULT_TIMEOUT;
+ 
+-	gethostname (options->hostname, sizeof (options->hostname));
+-	if (strcmp (options->hostname, "(none)") == 0 ||
++	memset (options->hostname, 0, sizeof (options->hostname));
++	gethostname (options->hostname, sizeof (options->hostname) - 1);
++	options->hostname[sizeof (options->hostname) - 1] = '\0';
++	if (check_domain_name(options->hostname, strlen(options->hostname), 0) != 0 ||
+ 	    strcmp (options->hostname, "localhost") == 0)
+ 		memset (options->hostname, 0, sizeof (options->hostname));
+ 
+@@ -228,6 +230,9 @@ int main(int argc, char **argv)
+ 						"`%s' too long for HostName string, max is %d",
+ 						optarg, MAXHOSTNAMELEN);
+ 					goto abort;
++				} else if(check_domain_name(optarg, strlen(optarg), 0) != 0) {
++					logger (LOG_ERR, "suspect string in hostname argument");
++					goto abort;
+ 				} else
+ 					strlcpy (options->hostname, optarg,
+ 						 sizeof (options->hostname));
+-- 
+1.7.1
+
diff --git a/patches/source/dhcpcd/slack-desc b/patches/source/dhcpcd/slack-desc
new file mode 100644
index 000000000..04859d7cb
--- /dev/null
+++ b/patches/source/dhcpcd/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in.  You must
+# make exactly 11 lines for the formatting to be correct.  It's also
+# customary to leave one space after the ':'.
+
+      |-----handy-ruler------------------------------------------------------|
+dhcpcd: dhcpcd (DHCP client daemon)
+dhcpcd:
+dhcpcd: The DHCP client program dhcpcd is used to connect to a network by
+dhcpcd: contacting a DHCP server.  dhcpcd gets an IP address and other
+dhcpcd: information from a corresponding DHCP server, configures the network
+dhcpcd: interface automatically, and tries to renew the lease time according
+dhcpcd: to RFC2131 or RFC1541 depending on the command line option.
+dhcpcd:
+dhcpcd:
+dhcpcd:
+dhcpcd: