From: Enrique Llorente Pastora <ellorent@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>
Cc: Stefano Brivio <sbrivio@redhat.com>, passt-dev@passt.top
Subject: Re: [PATCH] dhcp: Don't re-use request message for reply
Date: Mon, 3 Feb 2025 10:53:26 +0100 [thread overview]
Message-ID: <CAHVoYmL62Ny1EpdWuak=pfsnRE78NRtB-hg2=i6o_Z_cpTMP0A@mail.gmail.com> (raw)
In-Reply-To: <Z6CMZsIXtOH1Xdap@zatzit>
On Mon, Feb 3, 2025 at 10:29 AM David Gibson
<david@gibson.dropbear.id.au> wrote:
>
> On Sat, Feb 01, 2025 at 02:13:30PM +0100, Stefano Brivio wrote:
> > On Fri, 31 Jan 2025 15:53:29 +0100
> > Enrique Llorente <ellorent@redhat.com> wrote:
> >
> > > The logic composing the DHCP reply message is reusing the request
> > > message to compose the it, this kind be problematic from a security
> >
> > Does "be problematic" imply "would be ... once we add longer options"?
> >
> > > context and may break the functionality.
> >
> > Which one? This is important to know for distribution maintainers and,
> > ultimately, users.
>
> Right, as a general rule commit messages be specific and concrete
> about what the problem they're address is.
>
This looks about right ?
The logic composing the DHCP reply message is reusing the request
message to compose it, future long options like FQDN may
exceed the request message limit making it go beyond the lower
bound.
This change create a new reply message with a fixed options size of 308
and fill it in with proper fields from requests adding on top the generated
options, this way the reply lower bound does not depend on the request.
> --
> David Gibson (he or they) | I'll have my music baroque, and my code
> david AT gibson.dropbear.id.au | minimalist, thank you, not the other way
> | around.
> http://www.ozlabs.org/~dgibson
--
Quique Llorente
CNV networking Senior Software Engineer
Red Hat EMEA
ellorent@redhat.com
@RedHat Red Hat Red Hat
next prev parent reply other threads:[~2025-02-03 9:53 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-31 14:53 [PATCH] dhcp: Don't re-use request message for reply Enrique Llorente
2025-02-01 13:13 ` Stefano Brivio
2025-02-03 9:19 ` Enrique Llorente Pastora
2025-02-03 9:24 ` Stefano Brivio
2025-02-03 9:29 ` David Gibson
2025-02-03 9:53 ` Enrique Llorente Pastora [this message]
2025-02-03 19:00 ` Stefano Brivio
2025-02-03 10:26 ` Enrique Llorente Pastora
2025-02-03 19:00 ` Stefano Brivio
2025-02-04 9:27 ` Enrique Llorente Pastora
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHVoYmL62Ny1EpdWuak=pfsnRE78NRtB-hg2=i6o_Z_cpTMP0A@mail.gmail.com' \
--to=ellorent@redhat.com \
--cc=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).