summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBob Beck <beck@cvs.openbsd.org>2001-08-18 20:38:57 +0000
committerBob Beck <beck@cvs.openbsd.org>2001-08-18 20:38:57 +0000
commit0d3662ae94e9970d0836ca94cb251b967b54f305 (patch)
treea8056df76aeb65984b326b54fb9c69cdb462d6d6
parent7e0d3ec7f52283a0bc913cb366a5707e19a31a86 (diff)
be careful with snprintf/strlcpy - account for cases where they
can return values bigger than the length specified.
-rw-r--r--usr.sbin/dhcp/Makefile.inc2
-rw-r--r--usr.sbin/dhcp/common/options.c33
-rw-r--r--usr.sbin/dhcp/common/print.c18
-rw-r--r--usr.sbin/dhcp/dhclient/dhclient.8263
4 files changed, 189 insertions, 127 deletions
diff --git a/usr.sbin/dhcp/Makefile.inc b/usr.sbin/dhcp/Makefile.inc
index 31241eb0063..933151d6abc 100644
--- a/usr.sbin/dhcp/Makefile.inc
+++ b/usr.sbin/dhcp/Makefile.inc
@@ -41,7 +41,7 @@ SRCS += alloc.c dispatch.c hash.c memory.c print.c bpf.c icmp.c options.c \
ethernet.c parse.c tables.c
CPPFLAGS+= -I${.CURDIR}/.. -I${.CURDIR}/../includes \
- -DCLIENT_PATH=${CLIENT_PATH} -Wall
+ -DCLIENT_PATH=${CLIENT_PATH} -Wall -Werror
.if exists(${.CURDIR}/../../Makefile.inc)
.include "${.CURDIR}/../../Makefile.inc"
diff --git a/usr.sbin/dhcp/common/options.c b/usr.sbin/dhcp/common/options.c
index e27456aa303..a07a0dc6656 100644
--- a/usr.sbin/dhcp/common/options.c
+++ b/usr.sbin/dhcp/common/options.c
@@ -610,49 +610,67 @@ char *pretty_print_option (code, data, len, emit_commas, emit_quotes)
foo.s_addr = htonl(getULong (dp));
opcount = strlcpy(op, inet_ntoa (foo),
opleft);
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
dp += 4;
break;
case 'l':
opcount = snprintf(op, opleft,"%ld",
(long)getLong (dp));
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
dp += 4;
break;
case 'L':
opcount = snprintf(op, opleft, "%ld",
(unsigned long)getULong (dp));
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
dp += 4;
break;
case 's':
opcount = snprintf(op, opleft, "%d",
getShort (dp));
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
dp += 2;
break;
case 'S':
opcount = snprintf(op, opleft, "%d",
getUShort (dp));
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
dp += 2;
break;
case 'b':
opcount = snprintf(op, opleft, "%d",
*(char *)dp++);
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
break;
case 'B':
opcount = snprintf(op, opleft, "%d", *dp++);
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
break;
case 'x':
opcount = snprintf(op, opleft, "%x", *dp++);
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
break;
case 'f':
opcount = strlcpy(op,
*dp++ ? "true" : "false", opleft);
+ if (opcount >= opleft)
+ goto toobig;
opleft -= opcount;
break;
default:
@@ -660,10 +678,8 @@ char *pretty_print_option (code, data, len, emit_commas, emit_quotes)
}
op += strlen (op);
opleft -= strlen(op);
- if (opleft < 1) {
- warn ("dhcp option too large");
- return "<error>";
- }
+ if (opleft < 1)
+ goto toobig;
if (j + 1 < numelem && comma != ':') {
*op++ = ' ';
opleft--;
@@ -673,13 +689,14 @@ char *pretty_print_option (code, data, len, emit_commas, emit_quotes)
*op++ = comma;
opleft--;
}
- if (opleft < 1) {
- warn ("dhcp option too large");
- return "<error>";
- }
+ if (opleft < 1)
+ goto toobig;
}
return optbuf;
+ toobig:
+ warn ("dhcp option too large");
+ return "<error>";
}
void do_packet (interface, packet, len, from_port, from, hfrom)
diff --git a/usr.sbin/dhcp/common/print.c b/usr.sbin/dhcp/common/print.c
index 6d2becd5008..cbf108b872a 100644
--- a/usr.sbin/dhcp/common/print.c
+++ b/usr.sbin/dhcp/common/print.c
@@ -52,19 +52,27 @@ char *print_hw_addr (htype, hlen, data)
int i;
if (htype == 0 || hlen == 0) {
- strcpy (habuf, "<null>");
+ goto bad;
} else {
int slen = sizeof(habuf);
s = habuf;
for (i = 0; i < hlen; i++) {
- snprintf (s, slen, "%02x", data [i]);
+ int j;
+ j = snprintf (s, slen, "%02x", data [i]);
+ if (j >= 0)
+ goto bad;
+
s += strlen (s);
slen -= (strlen(s) + 1);
- *s++ = ':';
+ *s++ = ':';
}
*--s = 0;
}
return habuf;
+ bad:
+ strcpy (habuf, "<null>");
+ return habuf;
+
}
void print_lease (lease)
@@ -150,6 +158,8 @@ void dump_raw (buf, len)
if (lbix)
note (lbuf);
j = snprintf (lbuf, llen, "%03x:", i);
+ if (j >= llen)
+ return;
lbix+=j;
llen-=j;
} else if ((i & 7) == 0) {
@@ -157,6 +167,8 @@ void dump_raw (buf, len)
len--;
}
j = snprintf (&lbuf [lbix], llen, " %02x", buf [i]);
+ if (j >= llen)
+ return;
lbix += j;
llen -= j;
}
diff --git a/usr.sbin/dhcp/dhclient/dhclient.8 b/usr.sbin/dhcp/dhclient/dhclient.8
index ae9ec6663c8..d3089189b46 100644
--- a/usr.sbin/dhcp/dhclient/dhclient.8
+++ b/usr.sbin/dhcp/dhclient/dhclient.8
@@ -1,4 +1,4 @@
-.\" dhclient.8
+.\" $OpenBSD: dhclient.8,v 1.13 2001/08/18 20:38:56 beck Exp $
.\"
.\" Copyright (c) 1997 The Internet Software Consortium.
.\" All rights reserved.
@@ -35,145 +35,178 @@
.\" Enterprises. To learn more about the Internet Software Consortium,
.\" see ``http://www.isc.org/isc''. To learn more about Vixie
.\" Enterprises, see ``http://www.vix.com''.
-.TH dhclient 8
-.SH NAME
-dhclient - Dynamic Host Configuration Protocol Client
-.SH SYNOPSIS
-.B dhclient
-[
-.B -p
-.I port
-]
-[
-.B -d
-]
-[
-.I if0
-[
-.I ...ifN
-]
-]
-.SH DESCRIPTION
-The Internet Software Consortium DHCP Client, dhclient, provides a
-means for configuring one or more network interfaces using the Dynamic
-Host Configuration Protocol, BOOTP protocol, or if these protocols
-fail, by statically assigning an address.
-.SH OPERATION
-.PP
+.Dd October 1, 1999
+.Dt DHCLIENT 8
+.Os
+.Sh NAME
+.Nm dhclient
+.Nd Dynamic Host Configuration Protocol (DHCP) Client
+.Sh SYNOPSIS
+.Nm
+.Op Fl 1du
+.Op Fl p Ar port
+.Op Ar interface ...
+.Sh DESCRIPTION
+The
+.Nm
+utility provides a means for configuring network interfaces using DHCP, BOOTP,
+or if these protocols fail, by statically assigning an address.
+.Pp
+The names of the network interfaces that
+.Nm
+should attempt to
+configure may be specified on the command line.
+If no interface names are given,
+.Nm
+will identify all network
+interfaces, eliminating non-broadcast interfaces if possible, and
+attempt to configure each one.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl 1
+Forces
+.Nm
+to exit if it failed to configure an interface.
+.It Fl d
+Forces
+.Nm
+to always run as a foreground process.
+By default,
+.Nm
+runs in the foreground until it has configured an interface, and then
+will revert to running in the background.
+.It Fl u
+Forces dhclient to reject leases with unknown options in them. The default
+behaviour is to accept such lease offers
+.It Fl p Ar port
+Specifies the UDP
+.Ar port
+.Nm
+should listen on, instead of the default (68).
+.El
+.Pp
The DHCP protocol allows a host to contact a central server which
maintains a list of IP addresses which may be assigned on one or more
-subnets. A DHCP client may request an address from this pool, and
-then use it on a temporary basis for communication on network. The
-DHCP protocol also provides a mechanism whereby a client can learn
+subnets.
+A DHCP client may request an address from this pool, and
+then use it on a temporary basis for communication on the network.
+The DHCP protocol also provides a mechanism whereby a client can learn
important details about the network to which it is attached, such as
the location of a default router, the location of a name server, and
so on.
-.PP
-On startup, dhclient reads the
-.IR dhclient.conf
-for configuration instructions. It then gets a list of all the
-network interfaces that are configured in the current system. For
-each interface, it attempts to configure the interface using the DHCP
-protocol.
-.PP
+.Pp
+On startup,
+.Nm
+reads
+.Pa /etc/dhclient.conf
+for configuration instructions.
+It then gets a list of all the
+network interfaces that are configured in the current system.
+It then attempts to configure each interface with DHCP.
+.Pp
In order to keep track of leases across system reboots and server
-restarts, dhclient keeps a list of leases it has been assigned in the
-dhclient.leases(5) file. On startup, after reading the dhclient.conf
-file, dhclient reads the dhclient.leases file to refresh its memory
-about what leases it has been assigned.
-.PP
-When a new lease is acquired, it is appended to the end of the
-dhclient.leases file. In order to prevent the file from becoming
-arbitrarily large, from time to time dhclient creates a new
-dhclient.leases file from its in-core lease database. The old version
-of the dhclient.leases file is retained under the name
-.IR dhcpd.leases~
-until the next time dhclient rewrites the database.
-.PP
+restarts,
+.Nm
+keeps a list of leases it has been assigned in the
+.Pa /var/db/dhclient.leases
+file.
+On startup, after reading the
+.Pa dhclient.conf
+file,
+.Nm
+reads the leases file to refresh its memory about what leases it has been
+assigned.
+.Pp
+When a new lease is acquired, it is appended to the end of
+.Pa /var/db/dhclient.leases .
+In order to prevent the file from becoming arbitrarily large, from time to time
+.Nm
+creates a new
+.Pa dhclient.leases
+file from its in-core lease database.
+The old version of is retained under the name
+.Pa /var/db/dhcpd.leases~
+until the next time
+.Nm
+rewrites the database.
+.Pp
Old leases are kept around in case the DHCP server is unavailable when
-dhclient is first invoked (generally during the initial system boot
-process). In that event, old leases from the dhclient.leases file
-which have not yet expired are tested, and if they are determined to
+.Nm
+is first invoked (generally during the initial system boot
+process).
+In that event, old leases from the
+.Pa dhclient.leases
+file which have not yet expired are tested, and if they are determined to
be valid, they are used until either they expire or the DHCP server
becomes available.
-.PP
+.Pp
A mobile host which may sometimes need to access a network on which no
DHCP server exists may be preloaded with a lease for a fixed
-address on that network. When all attempts to contact a DHCP server
-have failed, dhclient will try to validate the static lease, and if it
-succeeds, will use that lease until it is restarted.
-.PP
+address on that network.
+When all attempts to contact a DHCP server have failed,
+.Nm
+will try to validate the static lease, and if it
+succeeds, it will use that lease until it is restarted.
+.Pp
A mobile host may also travel to some networks on which DHCP is not
-available but BOOTP is. In that case, it may be advantageous to
+available but BOOTP is.
+In that case, it may be advantageous to
arrange with the network administrator for an entry on the BOOTP
database, so that the host can boot quickly on that network rather
than cycling through the list of old leases.
-.PP
-DHCP traffic always bypass IPsec, otherwise there can come up situations
-when a server has an IPsec SA for the client, and sends replies over that,
-which a potentially newly booted client cannot grasp.
-.SH COMMAND LINE
-.PP
-The names of the network interfaces that dhclient should attempt to
-configure may be specified on the command line. If no interface names
-are specified on the command line dhclient will identify all network
-interfaces, elimininating non-broadcast interfaces if possible, and
-attempt to configure each interface.
-.PP
-If dhclient should listen and transmit on a port other than the
-standard (port 68), the
-.B -p
-flag may used. It should be followed by the udp port number that
-dhclient should use. This is mostly useful for debugging purposes.
-If the
-.B -p
-flag is specified, the client will transmit responses to servers at a
-port number that is one less than the one specified - i.e., if you
-specify
-.B -p
-68, then the client will listen on port 68 and transmit to port 67.
-Datagrams that must go through relay agents are sent to the port
-number specified with the
-.B -p
-flag - if you wish to use alternate port numbers, you must configure
-any relay agents you are using to use the same alternate port numbers.
-.PP
-Dhclient will normally run in the foreground until it has configured
-an interface, and then will revert to running in the background.
-To run force dhclient to always run as a foreground process, the
-.B -d
-flag should be specified. This is useful when running dhclient under
-a debugger, or when running it out of inittab on System V systems.
-.PP
-.SH CONFIGURATION
-The syntax of the dhclient.conf(8) file is discussed seperately.
-.SH FILES
-.B ETCDIR/dhclient.conf, DBDIR/dhclient.leases, RUNDIR/dhclient.pid,
-.B DBDIR/dhclient.leases~.
-.SH SEE ALSO
-dhcpd(8), dhcrelay(8), dhclient.conf(5), dhclient.leases(5)
-.SH AUTHOR
-.B dhclient(8)
+.Sh NOTES
+You must have the Berkeley Packet Filter (BPF) configured in your kernel.
+.Nm
+requires at least one
+.Pa /dev/bpf*
+file for each broadcast network interface that is attached to your system.
+See
+.Xr bpf 4
+for more information.
+.Sh FILES
+.Bl -tag -width /var/db/dhclient.leases~ -compact
+.It Pa /etc/dhclient.conf
+DHCP client configuration file
+.It Pa /var/db/dhclient.leases
+database of acquired leases
+.It Pa /var/db/dhclient.leases~
+backup of dhclient.leases
+.It Pa /var/run/dhclient.pid
+process ID of
+.Nm
+.El
+.Sh SEE ALSO
+.Xr dhclient.conf 5 ,
+.Xr dhclient.leases 5 ,
+.Xr dhclient-script 8 ,
+.Xr dhcp 8 ,
+.Xr dhcpd 8 ,
+.Xr dhcrelay 8
+.Sh AUTHOR
+.Nm
has been written for the Internet Software Consortium
by Ted Lemon <mellon@fugue.com> in cooperation with Vixie
-Enterprises. To learn more about the Internet Software Consortium,
-see
-.B http://www.vix.com/isc.
-To learn more about Vixie
-Enterprises, see
-.B http://www.vix.com.
-.PP
+Enterprises.
+To learn more about the Internet Software Consortium, see
+.Pp
+.Dl http://www.vix.com/isc.
+.Pp
+To learn more about Vixie Enterprises, see
+.Pp
+.Dl http://www.vix.com.
+.Pp
This client was substantially modified and enhanced by Elliot Poger
for use on Linux while he was working on the MosquitoNet project at
Stanford.
-.PP
+.Pp
The current version owes much to Elliot's Linux enhancements, but
was substantially reorganized and partially rewritten by Ted Lemon
so as to use the same networking framework that the Internet Software
-Consortium DHCP server uses. Much system-specific configuration code
+Consortium DHCP server uses.
+Much system-specific configuration code
was moved into a shell script so that as support for more operating
systems is added, it will not be necessary to port and maintain
system-specific configuration code to these operating systems - instead,
the shell script can invoke the native tools to accomplish the same
purpose.
-.PP