| author | Mike Sullivan <Mike.Sullivan@Oracle.COM> |
| Mon, 07 Nov 2016 16:32:57 -0800 | |
| changeset 7257 | 779372532897 |
| parent 6093 | 89cd363fa5c9 |
| permissions | -rw-r--r-- |
|
6093
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
1 |
This patch is ISC's mitigation code for CVE-2016-2774 - see ISC-Bugs |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
2 |
#41845. It was ported from ISC DHCP 4.3.4. |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
3 |
|
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
4 |
--- old/./RELNOTES Tue May 24 14:46:36 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
5 |
+++ new/./RELNOTES Tue May 24 14:46:35 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
6 |
@@ -1,6 +1,6 @@ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
7 |
Internet Systems Consortium DHCP Distribution |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
8 |
- Version 4.3.3-P1 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
9 |
- 01 January 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
10 |
+ Version 4.3.3-P1-S1 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
11 |
+ 29 March 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
12 |
|
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
13 |
Release Notes |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
14 |
|
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
15 |
@@ -52,6 +52,12 @@ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
16 |
Consortium. This product includes cryptographic software written |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
17 |
by Eric Young ([email protected]). |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
18 |
|
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
19 |
+ Changes since 4.3.3-P1 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
20 |
+ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
21 |
+! Add an option in site.h to limit the number of failover and control |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
22 |
+ connections the server will accept. By default this is 200. |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
23 |
+ [ISC-Bugs #41845] |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
24 |
+ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
25 |
Changes since 4.3.3 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
26 |
|
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
27 |
! Update the bounds checking when receiving a packet. |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
28 |
--- old/includes/site.h Tue May 24 14:46:37 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
29 |
+++ new/includes/site.h Tue May 24 14:46:36 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
30 |
@@ -292,6 +292,12 @@ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
31 |
this option will be removed at some time. */ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
32 |
/* #define INCLUDE_OLD_DHCP_ISC_ERROR_CODES */ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
33 |
|
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
34 |
+/* Limit the value of a file descriptor the serve will use |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
35 |
+ when accepting a connecting request. This can be used to |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
36 |
+ limit the number of TCP connections that the server will |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
37 |
+ allow at one time. A value of 0 means there is no limit.*/ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
38 |
+#define MAX_FD_VALUE 200 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
39 |
+ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
40 |
/* Include definitions for various options. In general these |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
41 |
should be left as is, but if you have already defined one |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
42 |
of these and prefer your definition you can comment the |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
43 |
--- old/omapip/listener.c Tue May 24 14:46:37 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
44 |
+++ new/omapip/listener.c Tue May 24 14:46:36 2016 |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
45 |
@@ -233,7 +233,12 @@ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
46 |
return ISC_R_NORESOURCES; |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
47 |
return ISC_R_UNEXPECTED; |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
48 |
} |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
49 |
- |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
50 |
+ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
51 |
+ if ((MAX_FD_VALUE != 0) && (socket > MAX_FD_VALUE)) {
|
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
52 |
+ close(socket); |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
53 |
+ return (ISC_R_NORESOURCES); |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
54 |
+ } |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
55 |
+ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
56 |
#if defined (TRACING) |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
57 |
/* If we're recording a trace, remember the connection. */ |
|
89cd363fa5c9
22879627 problem in SERVICE/DHCP-SERVER
Ben Chang <Benjamin.Chang@Oracle.COM>
parents:
diff
changeset
|
58 |
if (trace_record ()) {
|