From: Shawn Routhier <sar@isc.org>
Date: Tue, 4 Jun 2013 17:44:13 +0000 (-0700)
Subject: [master]
X-Git-Tag: v4_3_0a1~35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=360cc6d99356fcf2d2368193607f8c7032dac8da;p=thirdparty%2Fdhcp.git

[master]
Squashed commit of the following:
    [rt33351]
    Check for overly long whitespace in files we are parsing and
    print a message and exit if we find it.  We could try and continue
    but given that the file is likely corrupt that doesn't seem useful.
    commit e5cde5645b6cdeee04761fa3671d9e9f3b5abdd4
    commit 25c632ab85e996f89a8e0337a3c5caef6ff4392a
---

diff --git a/RELNOTES b/RELNOTES
index 6b918f896..d7d4c1ea9 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -83,6 +83,10 @@ work on other platforms. Please report any problems and suggested fixes to
   a compiler warning on Solaris using GCC.
   [ISC-Bugs #33032]
 
+- Add a check for too much whitespace in a config or lease file.
+  Thanks to Paolo Pellegrino for finding the issue and a suggestion
+  for the patch.
+  [ISC-Bugs #33351]
 			Changes since 4.2.4
 
 - Correct code to calculate timing values in client to compare
diff --git a/common/conflex.c b/common/conflex.c
index 0da5076f4..ce688d532 100644
--- a/common/conflex.c
+++ b/common/conflex.c
@@ -470,6 +470,16 @@ read_whitespace(int c, struct parse *cfile) {
 	 */
 	ofs = 0;
 	do {
+		if (ofs >= sizeof(cfile->tokbuf)) {
+			/*
+			 * As the file includes a huge amount of whitespace,
+			 * it's probably broken.
+			 * Print out a warning and bail out.
+			 */
+			parse_warn(cfile,
+				   "whitespace too long, buffer overflow.");
+			log_fatal("Exiting");
+		}
 		cfile->tokbuf[ofs++] = c;
 		c = get_char(cfile);
 	} while (!((c == '\n') && cfile->eol_token) &&