Report information

The Basics
Id: 25601
Status: open
Worked: 20 minutes
Priority: Medium/Medium
Queue:

People
Owner: Nobody in particular
Cc:
AdminCc:

BugTracker
Version Fixed: (no value)
Version Found: (no value)
Versions Affected: (no value)
Versions Planned: (no value)
Priority: (no value)
Severity: S3 Low
CVSS Score: (no value)
CVE ID: (no value)
Component: DHCP Server
Area: bug

Dates
Created: Thu, 25 Aug 2011 01:45:18 -0400
Updated: Fri, 07 Jul 2017 01:28:44 -0400
Closed: Not set




CC: gdiener@excelii.com, 627136-forwarded@bugs.debian.org, 627136@bugs.debian.org
Subject: [gdiener@excelii.com: Bug#627136: isc-dhcp-server: dhcpd segfaults on config with multiple empty lines]
Date: Wed, 24 Aug 2011 22:44:22 -0700
To: dhcp-bugs@isc.org
From: Andrew Pollock <apollock@debian.org>
Hello,

A user reported this bug to us a while ago. I can reproduce it with
the configuration included below on 4.2.2, just by using the -t option.

Please maintain the Cc of this email to keep our bug tracking system in the
loop.

regards

Andrew

----- Forwarded message from Glen Diener <gdiener@excelii.com> -----

Date: Tue, 17 May 2011 17:07:49 -0500
From: Glen Diener <gdiener@excelii.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#627136: isc-dhcp-server: dhcpd segfaults on config with multiple empty lines
X-Mailer: reportbug 4.12.6

Package: isc-dhcp-server
Version: 4.1.1-P1-15+squeeze2
Severity: important

The dhcpd server dies with segmentation fault when the dhcpd.conf file
contains numerous consecutive blank lines. In my case, the dhcpd.conf had
100 consecutive lines with 23 spaces. The server will exhibit the same
behavior with 1507 or more consecutive blank lines.

The relevant contents of /var/log/syslog follow:

May 17 15:45:41 buddy dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
May 17 15:45:41 buddy dhcpd: Copyright 2004-2010 Internet Systems Consortium.
May 17 15:45:41 buddy dhcpd: All rights reserved.
May 17 15:45:41 buddy dhcpd: For info, please visit https://www.isc.org/software/dhcp/
May 17 15:45:41 buddy kernel: [29319.970678] dhcpd[15683]: segfault at 1003549 ip 00000000004414bc sp 00007fff74979718 error 4 in dhcpd[400000+a7000]

I suspect a buffer overflow problem when the amount of white space between
configuration directives reaches a threshold.

-- System Information:
Debian Release: 6.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages isc-dhcp-server depends on:
ii  debconf [debconf-2. 1.5.36.1             Debian configuration management sy
ii  debianutils         3.4                  Miscellaneous utilities specific t
ii  isc-dhcp-common     4.1.1-P1-15+squeeze2 common files used by all the isc-d
ii  libc6               2.11.2-10            Embedded GNU C Library: Shared lib
ii  lsb-base            3.2-23.2squeeze1     Linux Standard Base 3.2 init scrip

isc-dhcp-server recommends no packages.

Versions of packages isc-dhcp-server suggests:
pn  isc-dhcp-server-ldap          <none>     (no description available)

-- Configuration Files:
/etc/dhcp/dhcpd.conf changed:
authoritative;
option domain-name "internal.excelhustler.com";
option domain-name-servers 192.168.0.2;
option wpad code 252 = text;
option wpad "http://wpad.internal.hustlerturf.com/wpad.dat";
option systemimager-server code 140 = text;
option systemimager-server "192.168.0.8";
option space gpxe;
option gpxe-encap-opts code 175 = encapsulate gpxe;
option gpxe.bus-id code 177 = string;
option gpxe.keep-san code 8 = unsigned integer 8;
option subnet-mask 255.255.0.0;
default-lease-time 172800;
max-lease-time 345600;
allow duplicates; # Seems to be needed for Mac clients
subnet 192.168.0.0 netmask 255.255.0.0 {
    option broadcast-address 192.168.255.255;
    option routers 192.168.0.1;
}
host rgomez.desktop.internal.excelhustler.com {
    # This machine belongs to rgomez
    # This machine is: PG030911005191
    # Ethernet vendor is: Unknown
    hardware ethernet 00:e0:4c:a8:78:c0;
    fixed-address 192.168.5.3;
    next-server 192.168.0.61;
    filename "pxelinux.0";
}

-- debconf information excluded

----- End forwarded message -----
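
A pre-flight check for the condition described in the report above, added here as an example (it is not part of the original report and is not ISC or Debian code): it measures every run of blank or whitespace-only lines in a dhcpd.conf so that long runs can be collapsed before the file is loaded. The function names and the 1024-byte limit are assumptions; the limit is chosen only because it sits below both cases the reporter gives.

```python
import sys

# Assumed limit, in bytes, for one run of whitespace-only lines. It is not a
# value from ISC; it is picked to sit below both cases in the report
# (1507 blank lines, and 100 lines of 23 spaces each).
MAX_RUN_BYTES = 1024


def whitespace_runs(data: bytes):
    """Return (first_line, line_count, byte_count) for every run of
    consecutive blank or whitespace-only lines in a config file."""
    runs, start, count, size = [], 0, 0, 0
    for lineno, line in enumerate(data.splitlines(keepends=True), 1):
        if line.strip() == b"":          # empty, or only spaces/tabs/CR/LF
            if count == 0:
                start = lineno
            count += 1
            size += len(line)            # newline bytes are counted too
        elif count:
            runs.append((start, count, size))
            count = size = 0
    if count:                            # run that reaches end of file
        runs.append((start, count, size))
    return runs


def flagged_runs(data: bytes, max_bytes: int = MAX_RUN_BYTES):
    """Runs whose total size reaches the limit and should be collapsed."""
    return [run for run in whitespace_runs(data) if run[2] >= max_bytes]


# Constructed samples modelled on the two cases in the report.
BLANK_CASE = b"authoritative;\n" + b"\n" * 1507 + b"allow duplicates;\n"
SPACES_CASE = b"authoritative;\n" + (b" " * 23 + b"\n") * 100 + b"allow duplicates;\n"

if __name__ == "__main__":
    if len(sys.argv) > 1:                # path to a dhcpd.conf to check
        with open(sys.argv[1], "rb") as fh:
            samples = {sys.argv[1]: fh.read()}
    else:
        samples = {"blank-lines sample": BLANK_CASE, "spaces sample": SPACES_CASE}
    bad = 0
    for name, data in samples.items():
        for first, lines, size in flagged_runs(data):
            bad += 1
            print(f"{name}: line {first}: {lines} whitespace-only lines, {size} bytes")
    sys.exit(1 if bad else 0)
```
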


On Thu Aug 25 05:45:18 2011, apollock@debian.org wrote:
> Hello,
>
> A user reported this bug to us a while ago. I can reproduce it with
> the configuration included below on 4.2.2, just by using the -t option.

Andrew --

I've confirmed that dhcpd behaves as you have described -- thanks for the
useful characterization of the bug, it made it much easier to reproduce --
and forwarded it to our dev team along with conf files which trigger it.

Thanks for reporting it.

Michael McNally
ISC Support