From 0b87f9247f0a16cb578c4e52cb6f847ba537559d Mon Sep 17 00:00:00 2001 From: sephe Date: Fri, 6 May 2016 05:44:12 +0000 Subject: [PATCH] MFC r298385 dhclient: Log a warning instead of bailing upon "illegal" options In Azure, the DHCP servers add private option (id 0xf5), which contains binary form of an IPv4 address. Once this option is converted to string form, it could contain '$', e.g. IPv4 address: 100.72.36.54 binary form: 0x64 0x48 0x24 0x36 string form: "dH$6" dhclient bails upon "illegal" options like the above example, thus the VM bring-up will fail. Also as a side note, this "illegal" option detection was added in OpenBSD ~11years ago: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin/dhclient/dhclient.c?rev=1.50&content-type=text/x-cvsweb-markup And it was removed along with the removal of script support in OpenBSD ~3years ago: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin/dhclient/dhclient.c?rev=1.159&content-type=text/x-cvsweb-markup Reported by: Hongxiong Xian Reviewed by: jhb, Dexuan Cui Tested by: Hongxiong Xian Analyzed by: Dong Liu Sponsored by: Microsoft OSTC Differential Revision: https://reviews.freebsd.org/D5853 git-svn-id: svn://svn.freebsd.org/base/stable/10@299156 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f --- sbin/dhclient/dhclient.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 97f9d47d2..b173eb20c 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -2277,6 +2277,17 @@ script_set_env(struct client_state *client, const char *prefix, { int i, j, namelen; + /* No `` or $() command substitution allowed in environment values! */ + for (j=0; j < strlen(value); j++) + switch (value[j]) { + case '`': + case '$': + warning("illegal character (%c) in value '%s'", + value[j], value); + /* Ignore this option */ + return; + } + namelen = strlen(name); for (i = 0; client->scriptEnv[i]; i++) @@ -2313,16 +2324,6 @@ script_set_env(struct client_state *client, const char *prefix, strlen(value) + 1); if (client->scriptEnv[i] == NULL) error("script_set_env: no memory for variable assignment"); - - /* No `` or $() command substitution allowed in environment values! */ - for (j=0; j < strlen(value); j++) - switch (value[j]) { - case '`': - case '$': - error("illegal character (%c) in value '%s'", value[j], - value); - /* not reached */ - } snprintf(client->scriptEnv[i], strlen(prefix) + strlen(name) + 1 + strlen(value) + 1, "%s%s=%s", prefix, name, value); } -- 2.45.0