From: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Date: Fri, 13 Sep 2019 11:42:17 +0000 (+0100)
Subject: DHCP: Check we have enough for data for IP header as well.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c8491e1ff34731e5003db5e5f8c8f9ef08241876;p=thirdparty%2Fdhcpcd.git

DHCP: Check we have enough for data for IP header as well.

This is totally my bad - Maciej's patch had this length check in
but somehow my patch import lost it.
---

diff --git a/src/dhcp.c b/src/dhcp.c
index 3d8e46bd..1fb2f4a1 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -3264,7 +3264,13 @@ valid_udp_packet(void *packet, size_t plen, struct in_addr *from,
 	if (from != NULL)
 		from->s_addr = ip->ip_src.s_addr;
 
+	/* Check we have the IP header */
 	ip_hlen = (size_t)ip->ip_hl * 4;
+	if (ip_hlen > plen) {
+		errno = ENOBUFS;
+		return -1;
+	}
+
 	if (in_cksum(ip, ip_hlen, NULL) != 0) {
 		errno = EINVAL;
 		return -1;