Re: [PATCH] dhcp: Don't re-use request message for reply

On Mon, 3 Feb 2025 10:53:26 +0100 Enrique Llorente Pastora wrote:

On Mon, Feb 3, 2025 at 10:29 AM David Gibson wrote:

...

On Sat, Feb 01, 2025 at 02:13:30PM +0100, Stefano Brivio wrote:

...

On Fri, 31 Jan 2025 15:53:29 +0100 Enrique Llorente wrote:

...

The logic composing the DHCP reply message is reusing the request message to compose the it, this kind be problematic from a security

Does "be problematic" imply "would be ... once we add longer options"?

...

context and may break the functionality.

Which one? This is important to know for distribution maintainers and, ultimately, users.

Right, as a general rule commit messages be specific and concrete about what the problem they're address is.

This looks about right ?

To me yes, just:

The logic composing the DHCP reply message is reusing the request message to compose it, future long options like FQDN may exceed the request message limit making it go beyond the lower bound.

This change create a new reply message with a fixed options size of 308

creates

and fill it in with proper fields from requests adding on top the generated

fills

options, this way the reply lower bound does not depend on the request.

-- Stefano