dhcp-serve-request: move message size check to dhcp_server_handle_message()

diff --git a/src/libsystemd-network/dhcp-server-request.c b/src/libsystemd-network/dhcp-server-request.c
index 555796d8a1e6daaddf8ff671014ba16d79ecc7de..78d641141c33ae1bae44cb1c2833f2b1ef88749b 100644 (file)
--- a/src/libsystemd-network/dhcp-server-request.c
+++ b/src/libsystemd-network/dhcp-server-request.c
@@ -414,6 +414,9 @@ int dhcp_server_handle_message(sd_dhcp_server *server, DHCPMessage *message, siz
         assert(server);
         assert(message);
 
+        if (length < sizeof(DHCPMessage))
+                return 0;
+
         if (message->op != BOOTREQUEST)
                 return 0;
 
@@ -480,9 +483,6 @@ static int server_receive_message(sd_event_source *s, int fd, uint32_t revents,
                 return 0;
         }
 
-        if ((size_t) len < sizeof(DHCPMessage))
-                return 0;
-
         /* TODO: figure out if this can be done as a filter on the socket, like for IPv6 */
         struct in_pktinfo *info = CMSG_FIND_DATA(&msg, IPPROTO_IP, IP_PKTINFO, struct in_pktinfo);
         if (info && info->ipi_ifindex != server->ifindex)

diff --git a/src/libsystemd-network/fuzz-dhcp-server.c b/src/libsystemd-network/fuzz-dhcp-server.c
index 037acdec079966fd3586d6e28d53b5e88398567a..9d927472e0030286ef98c981a13835670eb011a6 100644 (file)
--- a/src/libsystemd-network/fuzz-dhcp-server.c
+++ b/src/libsystemd-network/fuzz-dhcp-server.c
@@ -63,9 +63,6 @@ static int add_static_lease(sd_dhcp_server *server, uint8_t i) {
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         struct in_addr address = { .s_addr = htobe32(UINT32_C(10) << 24 | UINT32_C(1))};
 
-        if (size < sizeof(DHCPMessage))
-                return 0;
-
         fuzz_setup_logging();
 
         _cleanup_(rm_rf_physical_and_freep) char *tmpdir = NULL;