File dhcp-3.1.1-CVE-2009-0692.bnc515599.dif of Package dhcp
--- client/dhclient.c +++ client/dhclient.c 2009/06/25 09:09:53 @@ -2587,8 +2587,8 @@ void script_write_params (client, prefix (struct option_state *)0, lease -> options, &global_scope, oc, MDL)) { - if (data.len > 3) { - struct iaddr netmask, subnet, broadcast; + struct iaddr netmask, subnet, broadcast; + if (data.len > 3 && data.len <= sizeof(netmask.iabuf)) { memcpy (netmask.iabuf, data.data, data.len); netmask.len = data.len;