File 0020-dhcp-4.x.x-fixed-improper-lease-duration-checking.patch of Package dhcp.19307
From: Marius Tomaschewski <mt@suse.de>
Date: Tue, 12 Jan 2016 15:42:22 +0100
Subject: [PATCH] fixed improper lease duration checking.
References: bsc#936923, bsc#880984
year 2038 is EOT only for 32 bit machine. This patch checks
wordsize and do a proper EOT checking on lease duration. It
also fixes integer overflows in the date and time handling code.
--- common/parse.c.orig
+++ common/parse.c
@@ -939,7 +939,7 @@ TIME
parse_date_core(cfile)
struct parse *cfile;
{
- int guess;
+ long guess;
int tzoff, year, mon, mday, hour, min, sec;
const char *val;
enum dhcp_token token;
@@ -966,7 +966,7 @@ parse_date_core(cfile)
}
skip_token(&val, NULL, cfile); /* consume number */
- guess = atoi(val);
+ guess = atol(val);
return((TIME)guess);
}
@@ -1113,11 +1113,22 @@ parse_date_core(cfile)
* overflow issues. We could try and be more precise but there
* doesn't seem to be a good reason to worry about it and waste
* the cpu looking at the rest of the date. */
- if (year >= 138)
- return(MAX_TIME);
-
+ if (sizeof(time_t) == 8) {
+ /* 2038 is not an issue on 64bit. time calculations
+ * start to fail at almost INT_MAX (- some guard) */
+ if (year > 0x7fff0000)
+ return(MAX_TIME);
+ } else {
+ /* assume 32bit with end in 2038 */
+ if (year >= 138)
+ return(MAX_TIME);
+ }
+ /* I don't think we need to care about lease starts before 1900 */
+ if (year < 0)
+ return((TIME)0);
+
/* Guess the time value... */
- guess = ((((((365 * (year - 70) + /* Days in years since '70 */
+ guess = ((((((365 * ((long)year - 70) + /* Days in years since '70 */
(year - 69) / 4 + /* Leap days since '70 */
(mon /* Days in months this year */
? months [mon - 1]
--- includes/dhcpd.h.orig
+++ includes/dhcpd.h
@@ -1588,7 +1588,7 @@ typedef unsigned char option_mask [16];
#endif
#define INFINITE_TIME 0xffffffff
-#define MAX_TIME 0x7fffffff
+#define MAX_TIME LONG_MAX
#define MIN_TIME 0
#ifdef USE_LOG_PID