Bug 1023631 - dhclient: option length exceeds option buffer length
dhclient: option length exceeds option buffer length
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: dhcp (Show other bugs)
19
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Jiri Popelka
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-10-26 06:27 EDT by Harald Reindl
Modified: 2013-12-16 04:34 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-12-16 04:34:04 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
I believe this corresponds to packet #26/50 in the packet capture (17.37 KB, application/octet-stream)
2013-12-15 07:16 EST, Harald Reindl
no flags Details

  None (edit)
Description Harald Reindl 2013-10-26 06:27:37 EDT
no idea what my cable-ISP is sending here regulary but this smells 
security related in case you enter a network with a bad dhcp server

Oct 26 10:02:59 srv-rhsoft dhclient[17984]: parse_option_buffer: malformed option dhcp.<unknown> (code 84): option length exceeds option buffer length

AFAIK this happens each time due renewal
Comment 1 Jiri Popelka 2013-10-29 05:48:29 EDT
Yes, the error smells like security related, but seems to be OK.
It just says that the option field is longer then we were told it is so we won't parse it.

It's most likely a problem in the option with code 84 (some unused [1] option code), but could of course be a problem on dhclient's side as well so if you could catch some of these renewal packets and attach them here, I'd investigate them to be sure we don't do anything wrong.

[1] http://tools.ietf.org/html/rfc3679
Comment 2 Harald Reindl 2013-10-29 06:00:37 EDT
hard to investigate because it's the WAN-interface (http://www.chello.at) and it happens on any machine directly connected to the cable modem

more examples:
parse_option_buffer: malformed option dhcp.smtp-server (code 69): option length exceeds option buffer length.
parse_option_buffer: malformed option dhcp.<unknown> (code 107): option length exceeds option buffer length
parse_option_buffer: malformed option dhcp.<unknown> (code 116): option length exceeds option buffer length.
Comment 3 Dave Rutherford 2013-12-15 07:02:14 EST
I have caught such a packet using wireshark. The log message was --
    Dec 15 06:40:14 bb dhclient: parse_option_buffer: malformed option dhcp.smtp-server (code 69): option length exceeds option buffer length.

I believe this corresponds to packet #26/50 in the packet capture
file placed at http://evilpettingzoo.com/data/dhcp_packets.eth1
(don't see a way to attach files to this comment, sorry)

This packet appears to pertain to somebody else on my cable network segment.

Regards,
   Dave
Comment 4 Harald Reindl 2013-12-15 07:16:56 EST
Created attachment 836923 [details]
I believe this corresponds to packet #26/50 in the packet capture

> don't see a way to attach files to this comment

choose "Add Attachment" on top and write the comment to it :-)

i downloaded the file and created the attachment
externel ressources may disappear over the time
Comment 5 Jiri Popelka 2013-12-16 04:34:04 EST
(In reply to Harald Reindl from comment #4)
> i downloaded the file and created the attachment

Thanks


(In reply to Dave Rutherford from comment #3)
> I have caught such a packet using wireshark.

Thanks.
 
> I believe this corresponds to packet #26/50 in the packet capture

Yes, looks like it. Even wireshark marks that packet as "Malformed".
Since we don't process that option at all (per my comment #1) I think there's nothing more we can do here.

Note You need to log in before you can comment on or make changes to this bug.