rpms / dhcp

Clone
Source Code
GIT

Blame SOURCES/dhcp-4.3.6-reference_count_overflow.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   30d33496fa9de5f932010ee2d772b601005af3a6
  2.   SOURCES
  3.   dhcp-4.3.6-reference_count_overflow.patch
Blob History Raw
26a25c 
diff --git a/common/options.c b/common/options.c
26a25c 
index 83e0384..a58c5fc 100644
26a25c 
--- a/common/options.c
26a25c 
+++ b/common/options.c
26a25c 
@@ -189,6 +189,8 @@ int parse_option_buffer (options, buffer, length, universe)
26a25c
26a25c 
 		/* If the length is outrageous, the options are bad. */
26a25c 
 		if (offset + len > length) {
26a25c 
+			/* Avoid reference count overflow */
26a25c 
+			option_dereference(&option, MDL);
26a25c 
 			reason = "option length exceeds option buffer length";
26a25c 
 		      bogus:
26a25c 
 			log_error("parse_option_buffer: malformed option "

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation