changeset 5033:d8f63eaa4d2b draft

DHCP: Fix receiving BPF from privsep.
author Roy Marples <roy@marples.name>
date Wed, 05 Feb 2020 15:10:44 +0000
parents d58699a706b7
children 52dd608e14b5
files src/dhcp.c
diffstat 1 files changed, 13 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/src/dhcp.c	Wed Feb 05 14:54:49 2020 +0000
+++ b/src/dhcp.c	Wed Feb 05 15:10:44 2020 +0000
@@ -3464,6 +3464,7 @@
 	struct in_addr from;
 	size_t udp_len;
 	const struct dhcp_state *state = D_CSTATE(ifp);
+	size_t fl = bpf_frame_header_len(ifp);
 
 #ifdef PRIVSEP
 	/* Ignore double reads */
@@ -3478,6 +3479,17 @@
 	}
 #endif
 
+	/* Trim frame header */
+	if (fl != 0) {
+		if (len < fl) {
+			logerrx("%s: %s: short frame header",
+			    __func__, ifp->name);
+			return;
+		}
+		data += fl;
+		len -= fl;
+	}
+
 	/* Validate filter. */
 	if (!is_packet_udp_bootp(data, len)) {
 #ifdef BPF_DEBUG
@@ -3510,7 +3522,6 @@
 	uint8_t buf[FRAMELEN_MAX];
 	ssize_t bytes;
 	struct dhcp_state *state = D_STATE(ifp);
-	ssize_t fl = (ssize_t)bpf_frame_header_len(ifp);
 
 	/* Some RAW mechanisms are generic file descriptors, not sockets.
 	 * This means we have no kernel call to just get one packet,
@@ -3527,12 +3538,7 @@
 			}
 			break;
 		}
-		if (bytes < fl) {
-			logerrx("%s: %s: short frame header",
-			    __func__, ifp->name);
-			break;
-		}
-		dhcp_packet(ifp, buf + fl, (size_t)(bytes - fl));
+		dhcp_packet(ifp, buf, (size_t)bytes);
 		/* Check we still have a state after processing. */
 		if ((state = D_STATE(ifp)) == NULL)
 			break;