From owner-freebsd-bugs@freebsd.org  Fri Nov 29 03:32:32 2019
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 643EE1C1C60
 for <freebsd-bugs@mailman.nyi.freebsd.org>;
 Fri, 29 Nov 2019 03:32:32 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::50:13])
 by mx1.freebsd.org (Postfix) with ESMTP id 47PKnr26CHz4Qj9
 for <freebsd-bugs@freebsd.org>; Fri, 29 Nov 2019 03:32:32 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.nyi.freebsd.org (Postfix)
 id 484F41C1C5F; Fri, 29 Nov 2019 03:32:32 +0000 (UTC)
Delivered-To: bugs@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 481B81C1C5E
 for <bugs@mailman.nyi.freebsd.org>; Fri, 29 Nov 2019 03:32:32 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 47PKnr1K3Nz4Qj7
 for <bugs@FreeBSD.org>; Fri, 29 Nov 2019 03:32:32 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2610:1c1:1:606c::50:1d])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 10BA7825E
 for <bugs@FreeBSD.org>; Fri, 29 Nov 2019 03:32:32 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id xAT3WVdb041037
 for <bugs@FreeBSD.org>; Fri, 29 Nov 2019 03:32:31 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from bugzilla@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id xAT3WVw0041036
 for bugs@FreeBSD.org; Fri, 29 Nov 2019 03:32:31 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 238022] buffer overrun in function make_request in
 sbin/dhclient/dhclient.c
Date: Fri, 29 Nov 2019 03:32:31 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords: patch
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: commit-hook@freebsd.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-238022-227-AEFfai2Q52@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-238022-227@https.bugs.freebsd.org/bugzilla/>
References: <bug-238022-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Nov 2019 03:32:32 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238022

--- Comment #3 from commit-hook@freebsd.org ---
A commit references this bug:

Author: cem
Date: Fri Nov 29 03:31:47 UTC 2019
New revision: 355204
URL: https://svnweb.freebsd.org/changeset/base/355204

Log:
  Fix braino in previous bugfix r300174

  The previous revision missed the exact same error in a copy paste block
  of the same code in another function.  Fix the identical case, too.

  A DHCP client identifier is simply the hardware type (one byte)
  concatenated with the hardware address (some variable number of bytes,
  but at most 16).  Limit the size of the temporary buffer to match and
  the rest of the calculations shake out correctly.

  PR:           238022
  Reported by:  Young <yangx92 AT hotmail.com>
  Submitted by: Young <yangx92 AT hotmail.com>
  MFC after:    I don't plan to but you should feel free
  Security:     yes

Changes:
  head/sbin/dhclient/dhclient.c

--=20
You are receiving this mail because:
You are the assignee for the bug.=