From: Roy Marples <roy@marples.name>
Date: Thu, 24 Mar 2011 01:55:06 +0000 (+0000)
Subject: Validate the IP address offered, as some faulty DHCP servers like to
X-Git-Tag: v5.2.12~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0664205f8d34559a3bd764ab509a20991d1b3f7d;p=thirdparty%2Fdhcpcd.git

Validate the IP address offered, as some faulty DHCP servers like to
give is an invalid one.
---

diff --git a/dhcpcd.c b/dhcpcd.c
index a3672020..ade5e62b 100644
--- a/dhcpcd.c
+++ b/dhcpcd.c
@@ -528,7 +528,17 @@ handle_dhcp(struct interface *iface, struct dhcp_message **dhcpp, const struct i
 			log_dhcp(LOG_WARNING, "reject DHCP", iface, dhcp, from);
 			return;
 		}
-	}		
+	}
+
+	/* Ensure that the address offered is valid */
+	if ((type == 0 || type == DHCP_OFFER || type == DHCP_ACK) &&
+	    (dhcp->ciaddr == INADDR_ANY || dhcp->ciaddr == INADDR_BROADCAST) &&
+	    (dhcp->yiaddr == INADDR_ANY || dhcp->yiaddr == INADDR_BROADCAST))
+	{
+		log_dhcp(LOG_WARNING, "reject invalid address",
+		    iface, dhcp, from);
+		return;
+	}
 
 	/* No NAK, so reset the backoff */
 	state->nakoff = 1;