Bug 438149 - dhclient -p does not check if cmd line params are sane
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: dhcp
4.6
All Linux
medium Severity low
: rc
: ---
Assigned To: David Cantrell
Alexander Todorov
Reported: 2008-03-19 09:00 EDT by Milos Malik
Modified: 2009-05-18 16:06 EDT

Doc Type: Bug Fix
Last Closed: 2009-05-18 16:06:24 EDT
Description Milos Malik 2008-03-19 09:00:17 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; cs-CZ; rv:1.8.1.12) Gecko/20080208 Fedora/2.0.0.12-1.fc8 Firefox/2.0.0.12

Description of problem:
The dhclient utility does not check if the port number (which is given to "-p" command line parameter) is sane.

Version-Release number of selected component (if applicable):
dhcp-3.0.1-61

How reproducible:
Always


Steps to Reproduce:
1. dhclient -p -1
2. dhclient -p 65536


Actual Results:
1. dhclient prints message "binding to user-specified port 65535" and continues in its run
2. dhclient prints message "binding to user-specified port 0" and continues in its run

Expected Results:
1. dhclient prints message like "invalid port number" and exits
2. dhclient prints message like "invalid port number" and exits

Additional info:
Comment 1 David Cantrell 2008-09-25 23:31:57 EDT
This is easy to fix.  dhclient right now is just using atoi() to convert the port number, which is bad practice.  That can be changed to strtol() with some sanity checks around it (min/max check, etc).
Comment 3 David Cantrell 2008-09-30 22:50:26 EDT
Fixed in dhcp-3.0.1-63.EL4 and later builds.
Comment 5 Alexander Todorov 2009-02-12 09:28:17 EST
With dhclient-3.0.1-64.EL4

[root@ibm-mongoose ~]# dhclient -p 65536
Port number specified is out of range (1-65535).

If you did not get this software from ftp.isc.org, please
get the latest from ftp.isc.org and install that before
requesting help.

If you did get this software from ftp.isc.org and have not
yet read the README, please read it before requesting help.
If you intend to request help from the dhcp-server@isc.org
mailing list, please read the section on the README about
submitting bug reports and requests for help.

Please do not under any circumstances send requests for
help directly to the authors of this software - please
send them to the appropriate mailing list as described in
the README file.

exiting.

^^ PASS

# dhclient -p -1
binding to user-specified port 65535
Internet Systems Consortium DHCP Client V3.0.1
Copyright 2004 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP

Listening on LPF/eth1/00:14:5e:c2:05:be
Sending on   LPF/eth1/00:14:5e:c2:05:be
Listening on LPF/eth0/00:14:5e:c2:05:bc
Sending on   LPF/eth0/00:14:5e:c2:05:bc
Sending on   Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 65534 interval 5
DHCPDISCOVER on eth1 to 255.255.255.255 port 65534 interval 7
DHCPDISCOVER on eth0 to 255.255.255.255 port 65534 interval 13
DHCPDISCOVER on eth1 to 255.255.255.255 port 65534 interval 18
<Ctrl-C>

^^ FAIL
Comment 6 David Cantrell 2009-02-12 21:21:55 EST
Fix is in dhcp-3.0.1-65.EL4, will request a respin on the erratum.
Comment 7 Alexander Todorov 2009-02-24 07:00:45 EST
Issue resolved with dhclient-3.0.1-65.EL4

# rpm -q dhclient
dhclient-3.0.1-65.EL4

# dhclient -p 65536
Port number specified is out of range (1-65535).

If you did not get this software from ftp.isc.org, please
get the latest from ftp.isc.org and install that before
requesting help.

If you did get this software from ftp.isc.org and have not
yet read the README, please read it before requesting help.
If you intend to request help from the dhcp-server@isc.org
mailing list, please read the section on the README about
submitting bug reports and requests for help.

Please do not under any circumstances send requests for
help directly to the authors of this software - please
send them to the appropriate mailing list as described in
the README file.

exiting.


# dhclient -p -1
Port number specified is out of range (1-65535).

If you did not get this software from ftp.isc.org, please
get the latest from ftp.isc.org and install that before
requesting help.

If you did get this software from ftp.isc.org and have not
yet read the README, please read it before requesting help.
If you intend to request help from the dhcp-server@isc.org
mailing list, please read the section on the README about
submitting bug reports and requests for help.

Please do not under any circumstances send requests for
help directly to the authors of this software - please
send them to the appropriate mailing list as described in
the README file.

exiting.
Comment 10 errata-xmlrpc 2009-05-18 16:06:24 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0956.html
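
Added example, not part of the original bug report and not the dhcp package's own code: a C sketch of the strtol()-based port check suggested in Comment 1, next to a model of the old behaviour. The function names are hypothetical, and legacy_port() assumes the old code truncated the atoi() result to 16 bits, which is consistent with the "port 65535" and "port 0" messages in the description.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed model of the old behaviour: atoi() result truncated to 16 bits,
 * so "-1" becomes 65535 and "65536" becomes 0, as seen in the report. */
static uint16_t legacy_port(const char *arg)
{
    return (uint16_t)atoi(arg);
}

/* Strict parser: returns 0 and stores the port on success, -1 on bad input.
 * Rejects empty strings, non-numeric text, trailing junk, overflow,
 * and anything outside 1-65535 (both bounds are checked). */
static int parse_port(const char *arg, uint16_t *out)
{
    char *end = NULL;
    long v;

    if (arg == NULL || *arg == '\0')
        return -1;
    errno = 0;
    v = strtol(arg, &end, 10);
    if (end == arg || *end != '\0')      /* no digits, or trailing characters */
        return -1;
    if (errno == ERANGE)                 /* value does not fit in a long */
        return -1;
    if (v < 1 || v > 65535)              /* lower AND upper bound */
        return -1;
    *out = (uint16_t)v;
    return 0;
}

int main(void)
{
    /* Constructed sample arguments; the first two are the ones from the report. */
    const char *samples[] = { "-1", "65536", "68", "68x", "", "99999999999999999999" };
    size_t i;

    printf("legacy: -1 -> %u, 65536 -> %u\n",
           (unsigned)legacy_port("-1"), (unsigned)legacy_port("65536"));
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint16_t port = 0;
        if (parse_port(samples[i], &port) == 0)
            printf("\"%s\": accepted, port %u\n", samples[i], (unsigned)port);
        else
            printf("\"%s\": Port number specified is out of range (1-65535).\n", samples[i]);
    }
    return 0;
}
```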
