udhcpd: fix a bug in add_lease where it was reading at [-1]

It is not correct when we read lease file!

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/networking/udhcp/dhcpd.h b/networking/udhcp/dhcpd.h
index 67cb78ce701b40425afef797cfe456986b6df690..4f6b73e340ca00482aae84450f2c5a7fc77c55fe 100644 (file)
--- a/networking/udhcp/dhcpd.h
+++ b/networking/udhcp/dhcpd.h
@@ -89,7 +89,7 @@ struct dyn_lease {
         * (dhcp packet has chaddr[16], not [6])
         */
        uint8_t lease_mac[6];
-       uint8_t hostname[20];
+       char hostname[20];
        uint8_t pad[2];
        /* total size is a multiply of 4 */
 } PACKED;
@@ -98,7 +98,8 @@ extern struct dyn_lease *g_leases;
 
 struct dyn_lease *add_lease(
                const uint8_t *chaddr, uint32_t yiaddr,
-               leasetime_t leasetime, uint8_t *hostname
+               leasetime_t leasetime,
+               const char *hostname, int hostname_len
                ) FAST_FUNC;
 int is_expired_lease(struct dyn_lease *lease) FAST_FUNC;
 struct dyn_lease *find_lease_by_mac(const uint8_t *mac) FAST_FUNC;

diff --git a/networking/udhcp/files.c b/networking/udhcp/files.c
index 35592153bdf18d1d42d308ecfeb04d1ba41d8a25..1b2cc96f4e0ddc14040ba559221a606d1eff22f9 100644 (file)
--- a/networking/udhcp/files.c
+++ b/networking/udhcp/files.c
@@ -420,7 +420,11 @@ void FAST_FUNC read_leases(const char *file)
                                continue;
                        /* NB: add_lease takes "relative time", IOW,
                         * lease duration, not lease deadline. */
-                       if (!(add_lease(lease.lease_mac, lease.lease_nip, expires, lease.hostname))) {
+                       if (add_lease(lease.lease_mac, lease.lease_nip,
+                                       expires,
+                                       lease.hostname, sizeof(lease.hostname)
+                               ) == 0
+                       ) {
                                bb_error_msg("too many leases while loading %s", file);
                                break;
                        }

diff --git a/networking/udhcp/leases.c b/networking/udhcp/leases.c
index 68fba726e97b346f15f7c118a567526eb72a4f21..afd41bfd4811ea3275ef109b9737f82e08fe0668 100644 (file)
--- a/networking/udhcp/leases.c
+++ b/networking/udhcp/leases.c
@@ -50,10 +50,10 @@ static void clear_lease(const uint8_t *chaddr, uint32_t yiaddr)
 /* Add a lease into the table, clearing out any old ones */
 struct dyn_lease* FAST_FUNC add_lease(
                const uint8_t *chaddr, uint32_t yiaddr,
-               leasetime_t leasetime, uint8_t *hostname)
+               leasetime_t leasetime,
+               const char *hostname, int hostname_len)
 {
        struct dyn_lease *oldest;
-       uint8_t hostname_length;
 
        /* clean out any old ones */
        clear_lease(chaddr, yiaddr);
@@ -63,16 +63,15 @@ struct dyn_lease* FAST_FUNC add_lease(
        if (oldest) {
                oldest->hostname[0] = '\0';
                if (hostname) {
-                       /* option size byte, + 1 for NUL */
-                       hostname_length = hostname[-1] + 1;
-                       if (hostname_length > sizeof(oldest->hostname))
-                               hostname_length = sizeof(oldest->hostname);
-                       hostname = (uint8_t*) safe_strncpy((char*)oldest->hostname, (char*)hostname, hostname_length);
+                       char *p;
+                       if (hostname_len > sizeof(oldest->hostname))
+                               hostname_len = sizeof(oldest->hostname);
+                       p = safe_strncpy(oldest->hostname, hostname, hostname_len);
                        /* sanitization (s/non-ASCII/^/g) */
-                       while (*hostname) {
-                               if (*hostname < ' ' || *hostname > 126)
-                                       *hostname = '^';
-                               hostname++;
+                       while (*p) {
+                               if (*p < ' ' || *p > 126)
+                                       *p = '^';
+                               p++;
                        }
                }
                memcpy(oldest->lease_mac, chaddr, 6);
@@ -137,7 +136,7 @@ static int nobody_responds_to_arp(uint32_t nip, const uint8_t *safe_mac)
        temp.s_addr = nip;
        bb_info_msg("%s belongs to someone, reserving it for %u seconds",
                inet_ntoa(temp), (unsigned)server_config.conflict_time);
-       add_lease(blank_chaddr, nip, server_config.conflict_time, NULL);
+       add_lease(blank_chaddr, nip, server_config.conflict_time, NULL, 0);
        return 0;
 }
 

diff --git a/networking/udhcp/serverpacket.c b/networking/udhcp/serverpacket.c
index c3724e0e27bb17e2677b065d9f05534d59a51b20..b48e4159a769c78fa245c335cf0f90e62074d650 100644 (file)
--- a/networking/udhcp/serverpacket.c
+++ b/networking/udhcp/serverpacket.c
@@ -130,7 +130,8 @@ int FAST_FUNC send_offer(struct dhcp_packet *oldpacket)
        uint32_t req_nip;
        uint32_t lease_time_sec = server_config.max_lease_sec;
        uint32_t static_lease_ip;
-       uint8_t *req_ip_opt, *p_host_name;
+       uint8_t *req_ip_opt;
+       const char *p_host_name;
        struct option_set *curr;
        struct in_addr addr;
 
@@ -173,8 +174,13 @@ int FAST_FUNC send_offer(struct dhcp_packet *oldpacket)
                        bb_error_msg("no IP addresses to give - OFFER abandoned");
                        return -1;
                }
-               p_host_name = get_option(oldpacket, DHCP_HOST_NAME);
-               if (!add_lease(packet.chaddr, packet.yiaddr, server_config.offer_time, p_host_name)) {
+               p_host_name = (const char*) get_option(oldpacket, DHCP_HOST_NAME);
+               if (add_lease(packet.chaddr, packet.yiaddr,
+                               server_config.offer_time,
+                               p_host_name,
+                               p_host_name ? (unsigned char)p_host_name[OPT_LEN - OPT_DATA] : 0
+                       ) == 0
+               ) {
                        bb_error_msg("lease pool is full - OFFER abandoned");
                        return -1;
                }
@@ -218,7 +224,7 @@ int FAST_FUNC send_ACK(struct dhcp_packet *oldpacket, uint32_t yiaddr)
        struct option_set *curr;
        uint32_t lease_time_sec;
        struct in_addr addr;
-       uint8_t *p_host_name;
+       const char *p_host_name;
 
        init_packet(&packet, oldpacket, DHCPACK);
        packet.yiaddr = yiaddr;
@@ -242,8 +248,12 @@ int FAST_FUNC send_ACK(struct dhcp_packet *oldpacket, uint32_t yiaddr)
        if (send_packet(&packet, 0) < 0)
                return -1;
 
-       p_host_name = get_option(oldpacket, DHCP_HOST_NAME);
-       add_lease(packet.chaddr, packet.yiaddr, lease_time_sec, p_host_name);
+       p_host_name = (const char*) get_option(oldpacket, DHCP_HOST_NAME);
+       add_lease(packet.chaddr, packet.yiaddr,
+               lease_time_sec,
+               p_host_name,
+               p_host_name ? (unsigned char)p_host_name[OPT_LEN - OPT_DATA] : 0
+       );
        if (ENABLE_FEATURE_UDHCPD_WRITE_LEASES_EARLY) {
                /* rewrite the file with leases at every new acceptance */
                write_leases();