[#722,!3] Proposed improvement in DUID checks

author Tomek Mrugalski <tomasz@isc.org>

Mon, 12 Aug 2019 16:30:56 +0000 (18:30 +0200)

committer Thomas Markwalder <tmark@isc.org>

Wed, 14 Aug 2019 15:59:49 +0000 (11:59 -0400)
author Tomek Mrugalski <tomasz@isc.org>
Mon, 12 Aug 2019 16:30:56 +0000 (18:30 +0200)
committer Thomas Markwalder <tmark@isc.org>
Wed, 14 Aug 2019 15:59:49 +0000 (11:59 -0400)
diff --git a/src/bin/dhcp6/dhcp6_srv.cc b/src/bin/dhcp6/dhcp6_srv.cc

index fd1d7fa92d91ec3529c1b3d710e0170bc7bd92cd..48ab4d8986af7c1c1e445ab8c636b8061effd8de 100644 (file)
--- a/src/bin/dhcp6/dhcp6_srv.cc
+++ b/src/bin/dhcp6/dhcp6_srv.cc
@@ -1353,17 +1353,9 @@ void Dhcpv6Srv::sanityCheckDUID(const OptionPtr& opt, const std::string& opt_nam
      // The client-id or server-id has to have at least 3 bytes of useful data:
      // two for duid type and one more for actual duid value.
      uint16_t len = opt->len() - opt->getHeaderLen();
-    if (len < 3) {
-        isc_throw(RFCViolation, "Received empty or truncated " << opt_name << " option: "
-                  << len << " byte(s) only");
-    }
-
-    // We need to make sure we can construct one, if not we're toast later on.
-    try {
-        DuidPtr tmp(new DUID(opt->getData()));
-    } catch (const std::exception& ex) {
-        isc_throw(RFCViolation, "Received invalid content for "
-                  << opt_name << ", " << ex.what());
+    if ( (len < 3) || (len > DUID::MAX_DUID_LEN) ) {
+        isc_throw(RFCViolation, "Received " << opt_name << " option with invalid length: "
+                  << len << ", expected 3..128.");
      }
  }
author	Tomek Mrugalski <tomasz@isc.org>
	Mon, 12 Aug 2019 16:30:56 +0000 (18:30 +0200)
committer	Thomas Markwalder <tmark@isc.org>
	Wed, 14 Aug 2019 15:59:49 +0000 (11:59 -0400)