dhcpcd: fix buffer overflow

Backport a patch to fix buffer overflow for strlcpy: $ dhcpcd enp0s3 dhcpcd-10.0.2 starting *** buffer overflow detected ***: terminated dhcpcd_fork_cb: truncated read 0 (expected 4) (From OE-Core rev: d0bd1c823c10af9a0ef7e5ce05b770c1d8bb247c) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-26 09:32:14 +02:00 · 2023-08-29 19:06:35 +08:00
parent eeea001e9b
commit c9843dfd1c
2 changed files with 34 additions and 0 deletions
--- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
+++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
@@ -15,6 +15,7 @@ SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma
           file://dhcpcd.service \
           file://dhcpcd@.service \
           file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \
+           file://0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch \
           "

 SRCREV = "d2fbde99cf2d0072016af9dfe6a77032a5a9fc30"
--- a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch
+++ b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch
@@ -0,0 +1,33 @@
+From 1bd8fc7d4b34f752a32709d277a897e5ad202d97 Mon Sep 17 00:00:00 2001
+From: Tobias Heider <tobhe@users.noreply.github.com>
+Date: Tue, 15 Aug 2023 18:06:48 +0200
+Subject: [PATCH] privsep: fix strlcpy overflow in psp_ifname (#239)
+
+When running our Ubuntu tests with libc6 and strlcpy overflow checks
+enabled we found that the wrong size is passed to strlcpy resulting
+in a crash because of an overflow.
+
+Upstream-Status: Backport
+[https://github.com/NetworkConfiguration/dhcpcd/commit/1bd8fc7d4b34f752a32709d277a897e5ad202d97]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ src/privsep.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/privsep.c b/src/privsep.c
+index b11c0351..cfe54742 100644
+--- a/src/privsep.c
+++ b/src/privsep.c
+@@ -1200,7 +1200,7 @@ ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid)
+ #endif
+ 
+ 	if (!(ctx->options & DHCPCD_MANAGER))
+-		strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_name));
+		strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_ifname));
+ 	TAILQ_INSERT_TAIL(&ctx->ps_processes, psp, next);
+ 	return psp;
+ }
+-- 
+2.25.1
+