[Openib-windows] Possible buffer over run caused by a malformed dhcp packet.
Fabian Tillier
ftillier at silverstorm.com
Wed Mar 8 09:18:33 PST 2006
On 3/8/06, Tzachi Dar <tzachid at mellanox.co.il> wrote:
>
> Hi Fab,
>
> While reading the code of the function __send_mgr_filter_dhcp I got to think
> that there might be a problem of a possible buffer overrun caused by the
> loop:
Yes, I think you're right. A malformed DHCP packet that is missing
the end marker would cause a buffer overrun. I'll code up a fix for
this and check it in.
Thanks for finding this!
- Fab
More information about the ofw
mailing list