Commit e9c97ab4 authored by Baruch Siach's avatar Baruch Siach Committed by Peter Korsgaard
Browse files

dhcp: add upstream security fix

Fixes socket leak that might cause denial of service.

https://bugzilla.redhat.com/show_bug.cgi?id=1523547

Signed-off-by: default avatarBaruch Siach <baruch@tkos.co.il>
Signed-off-by: default avatarThomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a4c6ac59e6e056e43c899d0e6c59a7e6139bfd52)
Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent 0e630f38
From 5097bc0559f592683faac1f67bf350e1bddf6ed4 Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Thu, 7 Dec 2017 11:39:30 -0500
Subject: [PATCH] [v4_3] Plugs a socket descriptor leak in OMAPI
Merges in rt46767.
[baruch: drop RELNOTES hunk]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit 5097bc0559f
omapip/buffer.c | 9 +++++++++
omapip/message.c | 2 +-
diff --git a/omapip/buffer.c b/omapip/buffer.c
index f7fdc3250e82..809034d1317b 100644
--- a/omapip/buffer.c
+++ b/omapip/buffer.c
@@ -566,6 +566,15 @@ isc_result_t omapi_connection_writer (omapi_object_t *h)
omapi_buffer_dereference (&buffer, MDL);
}
}
+
+ /* If we had data left to write when we're told to disconnect,
+ * we need recall disconnect, now that we're done writing.
+ * See rt46767. */
+ if (c->out_bytes == 0 && c->state == omapi_connection_disconnecting) {
+ omapi_disconnect (h, 1);
+ return ISC_R_SHUTTINGDOWN;
+ }
+
return ISC_R_SUCCESS;
}
diff --git a/omapip/message.c b/omapip/message.c
index 59ccdc2c05cf..21bcfc3822e7 100644
--- a/omapip/message.c
+++ b/omapip/message.c
@@ -339,7 +339,7 @@ isc_result_t omapi_message_unregister (omapi_object_t *mo)
}
#ifdef DEBUG_PROTOCOL
-static const char *omapi_message_op_name(int op) {
+const char *omapi_message_op_name(int op) {
switch (op) {
case OMAPI_OP_OPEN: return "OMAPI_OP_OPEN";
case OMAPI_OP_REFRESH: return "OMAPI_OP_REFRESH";
--
2.15.1
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment