From fbf946ce22ef778bf6bf04c117b75c9c63ac7e66 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Sat, 18 Nov 2023 02:43:50 +0900 Subject: [PATCH] network/dhcp: actually refuse to assign DHCP option when an invalid string is passed Prompted by #30029. --- src/network/networkd-dhcp-common.c | 4 +++- test/fuzz/fuzz-network-parser/dhcp-option | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 test/fuzz/fuzz-network-parser/dhcp-option diff --git a/src/network/networkd-dhcp-common.c b/src/network/networkd-dhcp-common.c index 195ce2d71f..080b15387c 100644 --- a/src/network/networkd-dhcp-common.c +++ b/src/network/networkd-dhcp-common.c @@ -1014,9 +1014,11 @@ int config_parse_dhcp_send_option( } case DHCP_OPTION_DATA_STRING: sz = cunescape(p, UNESCAPE_ACCEPT_NUL, &q); - if (sz < 0) + if (sz < 0) { log_syntax(unit, LOG_WARNING, filename, line, sz, "Failed to decode DHCP option data, ignoring assignment: %s", p); + return 0; + } udata = q; break; diff --git a/test/fuzz/fuzz-network-parser/dhcp-option b/test/fuzz/fuzz-network-parser/dhcp-option new file mode 100644 index 0000000000..821609c939 --- /dev/null +++ b/test/fuzz/fuzz-network-parser/dhcp-option @@ -0,0 +1,5 @@ +[DHCPv6] +SendOption=1:string:\U +SendVendorOption=123:1:string:\U +[DHCPv4] +SendOption=1:string:\U -- 2.25.1