File dhcp-3.1.1-CVE-2009-0692.bnc515599.dif of Package dhcp

--- client/dhclient.c
+++ client/dhclient.c	2009/06/25 09:09:53
@@ -2587,8 +2587,8 @@ void script_write_params (client, prefix
 					 (struct option_state *)0,
 					 lease -> options,
 					 &global_scope, oc, MDL)) {
-		if (data.len > 3) {
-			struct iaddr netmask, subnet, broadcast;
+		struct iaddr netmask, subnet, broadcast;
+		if (data.len > 3 && data.len <= sizeof(netmask.iabuf)) {
 
 			memcpy (netmask.iabuf, data.data, data.len);
 			netmask.len = data.len;