[package] busybox: fix hexdump segmentation fault with an empty leading format unit
[openwrt.git] / package / busybox / patches / 241-udhcpc-oversized_packets.patch
1 --- a/networking/udhcp/packet.c
2 +++ b/networking/udhcp/packet.c
3 @@ -158,6 +158,11 @@ uint16_t FAST_FUNC udhcp_checksum(void *
4 return ~sum;
5 }
6
7 +int udhcp_get_payload_len(struct dhcp_packet *dhcp_pkt)
8 +{
9 + return sizeof(struct dhcp_packet) - DHCP_OPTIONS_BUFSIZE + udhcp_end_option(dhcp_pkt->options) + sizeof(dhcp_pkt->options[0]);
10 +}
11 +
12 /* Construct a ip/udp header for a packet, send packet */
13 int FAST_FUNC udhcp_send_raw_packet(struct dhcp_packet *dhcp_pkt,
14 uint32_t source_nip, int source_port,
15 @@ -166,10 +171,10 @@ int FAST_FUNC udhcp_send_raw_packet(stru
16 {
17 struct sockaddr_ll dest_sll;
18 struct ip_udp_dhcp_packet packet;
19 - unsigned padding;
20 int fd;
21 int result = -1;
22 const char *msg;
23 + int p_len = udhcp_get_payload_len(dhcp_pkt);
24
25 fd = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_IP));
26 if (fd < 0) {
27 @@ -178,8 +183,8 @@ int FAST_FUNC udhcp_send_raw_packet(stru
28 }
29
30 memset(&dest_sll, 0, sizeof(dest_sll));
31 - memset(&packet, 0, offsetof(struct ip_udp_dhcp_packet, data));
32 - packet.data = *dhcp_pkt; /* struct copy */
33 + memset(&packet, 0, sizeof(packet));
34 + memcpy(&(packet.data), dhcp_pkt, p_len);
35
36 dest_sll.sll_family = AF_PACKET;
37 dest_sll.sll_protocol = htons(ETH_P_IP);
38 @@ -192,36 +197,24 @@ int FAST_FUNC udhcp_send_raw_packet(stru
39 goto ret_close;
40 }
41
42 - /* We were sending full-sized DHCP packets (zero padded),
43 - * but some badly configured servers were seen dropping them.
44 - * Apparently they drop all DHCP packets >576 *ethernet* octets big,
45 - * whereas they may only drop packets >576 *IP* octets big
46 - * (which for typical Ethernet II means 590 octets: 6+6+2 + 576).
47 - *
48 - * In order to work with those buggy servers,
49 - * we truncate packets after end option byte.
50 - */
51 - padding = DHCP_OPTIONS_BUFSIZE - 1 - udhcp_end_option(packet.data.options);
52 -
53 packet.ip.protocol = IPPROTO_UDP;
54 packet.ip.saddr = source_nip;
55 packet.ip.daddr = dest_nip;
56 packet.udp.source = htons(source_port);
57 packet.udp.dest = htons(dest_port);
58 - /* size, excluding IP header: */
59 - packet.udp.len = htons(UDP_DHCP_SIZE - padding);
60 - /* for UDP checksumming, ip.len is set to UDP packet len */
61 + p_len += sizeof(packet.udp);
62 + packet.udp.len = htons(p_len);
63 packet.ip.tot_len = packet.udp.len;
64 - packet.udp.check = udhcp_checksum(&packet, IP_UDP_DHCP_SIZE - padding);
65 - /* but for sending, it is set to IP packet len */
66 - packet.ip.tot_len = htons(IP_UDP_DHCP_SIZE - padding);
67 + p_len += sizeof(packet.ip);
68 + packet.udp.check = udhcp_checksum(&packet, p_len);
69 + packet.ip.tot_len = htons(p_len);
70 packet.ip.ihl = sizeof(packet.ip) >> 2;
71 packet.ip.version = IPVERSION;
72 packet.ip.ttl = IPDEFTTL;
73 packet.ip.check = udhcp_checksum(&packet.ip, sizeof(packet.ip));
74
75 udhcp_dump_packet(dhcp_pkt);
76 - result = sendto(fd, &packet, IP_UDP_DHCP_SIZE - padding, /*flags:*/ 0,
77 + result = sendto(fd, &packet, p_len, /*flags:*/ 0,
78 (struct sockaddr *) &dest_sll, sizeof(dest_sll));
79 msg = "sendto";
80 ret_close:
81 @@ -239,7 +232,6 @@ int FAST_FUNC udhcp_send_kernel_packet(s
82 uint32_t dest_nip, int dest_port)
83 {
84 struct sockaddr_in client;
85 - unsigned padding;
86 int fd;
87 int result = -1;
88 const char *msg;
89 @@ -270,9 +262,7 @@ int FAST_FUNC udhcp_send_kernel_packet(s
90 }
91
92 udhcp_dump_packet(dhcp_pkt);
93 -
94 - padding = DHCP_OPTIONS_BUFSIZE - 1 - udhcp_end_option(dhcp_pkt->options);
95 - result = safe_write(fd, dhcp_pkt, DHCP_SIZE - padding);
96 + result = safe_write(fd, dhcp_pkt, udhcp_get_payload_len(dhcp_pkt));
97 msg = "write";
98 ret_close:
99 close(fd);
This page took 0.05167 seconds and 5 git commands to generate.