Hi,
I found that dnsmasq doesn't reply to dhcpv6 relay-forward packets after applying the patch of CVE-2017-14494. It seems like the boundary check in the patch is wrong. The following commit should fix the problem. Could you please help confirm the issue? Thank you very much. --- src/rfc3315.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rfc3315.c b/src/rfc3315.c index c3c1c95..99b310a 100644 --- a/src/rfc3315.c +++ b/src/rfc3315.c @@ -216,7 +216,7 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, for (opt = opts; opt; opt = opt6_next(opt, end)) { - if (opt6_ptr(opt, 0) + opt6_len(opt) >= end) { + if (opt6_ptr(opt, 0) + opt6_len(opt) > end) { return 0; } int o = new_opt6(opt6_type(opt)); -- 1.9.1 Best Regards, Yiwen
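Review bot: The changed condition in dhcp6_maybe_relay is only correct if `end` points one past the last byte of the received packet, and neither the patch nor the message states that, so please add a one-line comment or a commit-message sentence saying so. Under that reading, `opt6_ptr(opt, 0) + opt6_len(opt)` is the address just past the option's data, equality with `end` means the option finishes exactly at the end of the buffer, and the old `>=` rejected that valid final option, which matches the dropped relay-forward replies described above. Two further suggestions: the test still forms a pointer from an attacker-supplied length before comparing it, so consider comparing the length against the bytes remaining instead, something like `opt6_len(opt) > end - opt6_ptr(opt, 0)` (assuming the types allow it); and since this line is the bounds check added for CVE-2017-14494, a test packet whose last option ends exactly at `end`, plus one that overruns by a single byte, would confirm that the relaxed comparison accepts the first and still rejects the second.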
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss