ProxyARP: Use more robust DHCP option parsing · 5a9d504938 - Gogs

ProxyARP: Use more robust DHCP option parsing

Do not depend on undefined behavior with pointer arithmetic when
checking whether there is sufficient room for an option.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Jouni Malinen 8 years ago

parent

e64c13febb

commit

5a9d504938

1 changed files with 2 additions and 0 deletions

Split View Show Diff Stats

						
							+ 2
							
							- 0
						
src/ap/dhcp_snoop.c
							 
								View File
							
				@@ -62,6 +62,8 @@ static void handle_dhcp(void *ctx, const u8 *src_addr, const u8 *buf,
			
				 		if (*opt == DHCP_OPT_PAD)
			
				 			continue;
			
				+		if (pos >= end || 1 + *pos > end - pos)
			
				+			break;
			
				 		pos += *pos + 1;
			
				 		if (pos >= end)
			
				 			break;