|
|
54343e |
--- dhcp-4.2.5.orig/server/mdb.c 2016-05-03 12:46:04.933000000 -0400
|
|
|
54343e |
+++ dhcp-4.2.5/server/mdb.c 2016-05-18 14:38:27.553000000 -0400
|
|
|
54343e |
@@ -720,8 +720,9 @@ void new_address_range (cfile, low, high
|
|
|
54343e |
{
|
|
|
54343e |
#if defined(COMPACT_LEASES)
|
|
|
54343e |
struct lease *address_range;
|
|
|
54343e |
+ unsigned s;
|
|
|
54343e |
#endif
|
|
|
54343e |
- unsigned min, max, i;
|
|
|
54343e |
+ unsigned min, max, i, num_addrs;
|
|
|
54343e |
char lowbuf [16], highbuf [16], netbuf [16];
|
|
|
54343e |
struct shared_network *share = subnet -> shared_network;
|
|
|
54343e |
struct lease *lt = (struct lease *)0;
|
|
|
54343e |
@@ -777,9 +778,29 @@ void new_address_range (cfile, low, high
|
|
|
54343e |
min = host_addr (high, subnet -> netmask);
|
|
|
54343e |
}
|
|
|
54343e |
|
|
|
54343e |
+ /* get the number of addresses we want, and add it to the pool info
|
|
|
54343e |
+ * this value is only for use when setting up lease chains and will
|
|
|
54343e |
+ * be overwritten when expire_all_pools is run
|
|
|
54343e |
+ */
|
|
|
54343e |
+ num_addrs = max - min + 1;
|
|
|
54343e |
+
|
|
|
54343e |
/* Get a lease structure for each address in the range. */
|
|
|
54343e |
#if defined (COMPACT_LEASES)
|
|
|
54343e |
- address_range = new_leases (max - min + 1, MDL);
|
|
|
54343e |
+ s = (num_addrs + 1) * sizeof (struct lease);
|
|
|
54343e |
+ /* Check unsigned overflow in new_leases().
|
|
|
54343e |
+ With 304 byte lease structure (x86_64), this happens at
|
|
|
54343e |
+ range 10.0.0.0 10.215.148.52; */
|
|
|
54343e |
+ if (((s % sizeof (struct lease)) != 0) ||
|
|
|
54343e |
+ ((s / sizeof (struct lease)) != (num_addrs + 1))) {
|
|
|
54343e |
+ strcpy (lowbuf, piaddr (low));
|
|
|
54343e |
+ strcpy (highbuf, piaddr (high));
|
|
|
54343e |
+ parse_warn (cfile, "%s-%s is an overly large address range.",
|
|
|
54343e |
+ lowbuf, highbuf);
|
|
|
54343e |
+ log_info ("Consider breaking large address ranges into multiple scopes of less than 14 million IPs each.");
|
|
|
54343e |
+ log_info ("For more information, please visit: https://support.roguewave.com/resources/blogs/openlogic-blogs/how-to-extend-isc-dhcp/");
|
|
|
54343e |
+ log_fatal ("Memory overflow.");
|
|
|
54343e |
+ }
|
|
|
54343e |
+ address_range = new_leases (num_addrs, MDL);
|
|
|
54343e |
if (!address_range) {
|
|
|
54343e |
strcpy (lowbuf, piaddr (low));
|
|
|
54343e |
strcpy (highbuf, piaddr (high));
|