Re: [PATCH] dhcp: Don't re-use request message for reply

On Mon, Feb 3, 2025 at 10:29 AM David Gibson
<david(a)gibson.dropbear.id.au> wrote:
...
 
 On Sat, Feb 01, 2025 at 02:13:30PM +0100, Stefano Brivio wrote:
  On Fri, 31 Jan 2025 15:53:29 +0100
 Enrique Llorente <ellorent(a)redhat.com> wrote:

  The logic composing the DHCP reply message is
reusing the request
 message to compose the it, this kind be problematic from a security 
 Does "be problematic" imply "would be ... once we add longer
options"?

  context and may break the functionality. 
 Which one? This is important to know for distribution maintainers and,
 ultimately, users. 
 Right, as a general rule commit messages be specific and concrete
 about what the problem they're address is.
 
This looks about right ?

    The logic composing the DHCP reply message is reusing the request
    message to compose it, future long options like FQDN may
    exceed the request message limit making it go beyond the lower
    bound.

    This change create a new reply message with a fixed options size of 308
    and fill it in with proper fields from requests adding on top the generated
    options, this way the reply lower bound does not depend on the request.


...
  --
 David Gibson (he or they)       | I'll have my music baroque, and my code
 david AT gibson.dropbear.id.au  | minimalist, thank you, not the other way
                                 | around.
 http://www.ozlabs.org/~dgibson 


-- 
Quique Llorente

CNV networking Senior Software Engineer

Red Hat EMEA

ellorent(a)redhat.com

@RedHat   Red Hat  Red Hat