Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet

author Shawn Routhier <sar@isc.org>

Tue, 20 Mar 2012 00:31:54 +0000 (00:31 +0000)

committer Shawn Routhier <sar@isc.org>

Tue, 20 Mar 2012 00:31:54 +0000 (00:31 +0000)
author Shawn Routhier <sar@isc.org>
Tue, 20 Mar 2012 00:31:54 +0000 (00:31 +0000)
committer Shawn Routhier <sar@isc.org>
Tue, 20 Mar 2012 00:31:54 +0000 (00:31 +0000)
diff --git a/RELNOTES b/RELNOTES

index ddea3fc3298117218201d0ca05c1ec4e03b2ac6d..e3d2541c420a85b9ae0108b6080990cf74e08fc8 100644 (file)
--- a/RELNOTES
+++ b/RELNOTES
@@ -94,6 +94,11 @@ work on other platforms. Please report any problems and suggested fixes to
    weren't removed from the DNS.
    [ISC-BUGS #27858]
  
+- Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet
+  and dhcpv6_packet in several more places.  Thanks to a report from
+  Bruno Verstuyft and Vincent Demaertelaere of Excentis.
+  [ISC-Bugs #27941]
+
                         Changes since 4.2.2
  
  - Fix the code that checks for an existing DDNS transaction to cancel
diff --git a/common/options.c b/common/options.c

index 1f597785f834aee437bcbe15be99bd3a071c4b12..e485222917e40e761ca7d3fc98e4d7d41b38b476 100644 (file)
--- a/common/options.c
+++ b/common/options.c
@@ -3845,6 +3845,7 @@ do_packet6(struct interface_info *interface, const char *packet,
         msg_type = packet[0];
         if ((msg_type == DHCPV6_RELAY_FORW) || 
             (msg_type == DHCPV6_RELAY_REPL)) {
+               int relaylen = (int)(offsetof(struct dhcpv6_relay_packet, options));
                 relay = (const struct dhcpv6_relay_packet *)packet;
                 decoded_packet->dhcpv6_msg_type = relay->msg_type;
  
@@ -3856,7 +3857,7 @@ do_packet6(struct interface_info *interface, const char *packet,
                        relay->peer_address, sizeof(relay->peer_address));
  
                 if (!parse_option_buffer(decoded_packet->options, 
-                                        relay->options, len-sizeof(*relay), 
+                                        relay->options, len - relaylen, 
                                          &dhcpv6_universe)) {
                         /* no logging here, as parse_option_buffer() logs all
                            cases where it fails */
@@ -3864,6 +3865,7 @@ do_packet6(struct interface_info *interface, const char *packet,
                         return;
                 }
         } else {
+               int msglen = (int)(offsetof(struct dhcpv6_packet, options));
                 msg = (const struct dhcpv6_packet *)packet;
                 decoded_packet->dhcpv6_msg_type = msg->msg_type;
  
@@ -3873,7 +3875,7 @@ do_packet6(struct interface_info *interface, const char *packet,
                        sizeof(decoded_packet->dhcpv6_transaction_id));
  
                 if (!parse_option_buffer(decoded_packet->options, 
-                                        msg->options, len-sizeof(*msg), 
+                                        msg->options, len - msglen, 
                                          &dhcpv6_universe)) {
                         /* no logging here, as parse_option_buffer() logs all
                            cases where it fails */
diff --git a/server/dhcpv6.c b/server/dhcpv6.c

index e1f872e56411644a3892b1f77a09fd778868dcab..783324286a3d45163ac3c0853f08ddf6dfa0b92b 100644 (file)
--- a/server/dhcpv6.c
+++ b/server/dhcpv6.c
@@ -5527,6 +5527,7 @@ dhcpv6_relay_forw(struct data_string *reply_ret, struct packet *packet) {
         msg_type = enc_opt_data.data[0];
         if ((msg_type == DHCPV6_RELAY_FORW) ||
             (msg_type == DHCPV6_RELAY_REPL)) {
+               int relaylen = (int)(offsetof(struct dhcpv6_relay_packet, options));
                 relay = (struct dhcpv6_relay_packet *)enc_opt_data.data;
                 enc_packet->dhcpv6_msg_type = relay->msg_type;
  
@@ -5539,13 +5540,14 @@ dhcpv6_relay_forw(struct data_string *reply_ret, struct packet *packet) {
  
                 if (!parse_option_buffer(enc_packet->options,
                                          relay->options, 
-                                        enc_opt_data.len-sizeof(*relay),
+                                        enc_opt_data.len - relaylen,
                                          &dhcpv6_universe)) {
                         /* no logging here, as parse_option_buffer() logs all
                            cases where it fails */
                         goto exit;
                 }
         } else {
+               int msglen = (int)(offsetof(struct dhcpv6_packet, options));
                 msg = (struct dhcpv6_packet *)enc_opt_data.data;
                 enc_packet->dhcpv6_msg_type = msg->msg_type;
  
@@ -5556,7 +5558,7 @@ dhcpv6_relay_forw(struct data_string *reply_ret, struct packet *packet) {
  
                 if (!parse_option_buffer(enc_packet->options,
                                          msg->options, 
-                                        enc_opt_data.len-sizeof(*msg),
+                                        enc_opt_data.len - msglen,
                                          &dhcpv6_universe)) {
                         /* no logging here, as parse_option_buffer() logs all
                            cases where it fails */
author	Shawn Routhier <sar@isc.org>
	Tue, 20 Mar 2012 00:31:54 +0000 (00:31 +0000)
committer	Shawn Routhier <sar@isc.org>
	Tue, 20 Mar 2012 00:31:54 +0000 (00:31 +0000)
RELNOTES		patch \| blob \| blame \| history
common/options.c		patch \| blob \| blame \| history
server/dhcpv6.c		patch \| blob \| blame \| history