From 2a354453dc92cb82df1fd49e9634084d7add28d9 Mon Sep 17 00:00:00 2001 From: renmingshuai Date: Sat, 20 Jan 2024 03:08:31 +0000 Subject: [PATCH] IAID is output has hexe if it contains '\' or '"' Signed-off-by: renmingshuai (cherry picked from commit cbb6f37d600d5d3dbe6c0a5e9d6e40ff7ed8d626) --- ...is-output-has-hexe-if-it-contains-or.patch | 46 +++++++++++++++++++ dhcp.spec | 9 +++- 2 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 IAID-is-output-has-hexe-if-it-contains-or.patch diff --git a/IAID-is-output-has-hexe-if-it-contains-or.patch b/IAID-is-output-has-hexe-if-it-contains-or.patch new file mode 100644 index 0000000..9c73699 --- /dev/null +++ b/IAID-is-output-has-hexe-if-it-contains-or.patch @@ -0,0 +1,46 @@ +From fb971ee6b5403c21e64fa66c8711f688f763518c Mon Sep 17 00:00:00 2001 +From: renmingshuai +Date: Sat, 20 Jan 2024 02:51:53 +0000 +Subject: [PATCH] IAID is output has hexe if it contains '\' or '"' + +Signed-off-by: renmingshuai +--- + client/dhclient.conf.5 | 6 +++--- + common/print.c | 4 +++- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/client/dhclient.conf.5 b/client/dhclient.conf.5 +index 566a881..2e2dc56 100644 +--- a/client/dhclient.conf.5 ++++ b/client/dhclient.conf.5 +@@ -617,9 +617,9 @@ pairs, separated by colons. + Currently, the values written out based on lease-id-format are the default-duid + and the IAID value (DHCPv6 only). The client automatically reads the values + in either format. Note that when the format is octal, rather than as an octal +-string, IAID is output as hex if it contains no printable characters or as a +-string if contains only printable characters. This is done to maintain backward +-compatibility. ++string, IAID is output as hex if it contains special character '"', '\' or ++no printable characters, or as a string if contains only printable characters. ++This is done to maintain backward compatibility. + .PP + \fBreject \fIcidr-ip-address\fR [\fB,\fR \fI...\fB \fIcidr-ip-address\fR ] \fB;\fR + .PP +diff --git a/common/print.c b/common/print.c +index b42e7bc..6835eb1 100644 +--- a/common/print.c ++++ b/common/print.c +@@ -427,7 +427,9 @@ void print_hex_or_string (len, data, limit, buf) + return; + + for (i = 0; (i < (limit - 3)) && (i < len); i++) { +- if (!isascii(data[i]) || !isprint(data[i])) { ++ /* print as hex if the characters contain '"' or '\' */ ++ if (!isascii(data[i]) || !isprint(data[i]) || ++ (data[i] == '"' || data[i] == '\\')) { + print_hex_only(len, data, limit, buf); + return; + } +-- +2.33.0 + diff --git a/dhcp.spec b/dhcp.spec index 096a27b..3488b76 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -3,7 +3,7 @@ Name: dhcp Version: 4.4.3 -Release: 5 +Release: 6 Summary: Dynamic host configuration protocol software #Please don't change the epoch on this package Epoch: 12 @@ -60,6 +60,7 @@ Patch41: Revert-correcting-the-logic-in-dhclient.patch Patch42: backport-CVE-2022-2795.patch Patch43: backport-CVE-2022-38177.patch Patch44: backport-CVE-2022-38178.patch +Patch45: IAID-is-output-has-hexe-if-it-contains-or.patch BuildRequires: gcc autoconf automake libtool openldap-devel krb5-devel libcap-ng-devel BuildRequires: systemd systemd-devel @@ -308,6 +309,12 @@ exit 0 %{_mandir}/man3/omapi.3.gz %changelog +* Sat Jan 20 2024 renmingshuai - 12:4.4.3-6 +- Type:bugfix +- ID: +- SUG:restart +- DESC:IAID is output has hexe if it contains '\' or '"' + * Thu Jan 4 2024 renmingshuai - 12:4.4.3-5 - Type:CVE - ID:CVE-2022-2795,CVE-2022-38177,CVE-2022-38178 -- Gitee