BusyBox Bug and Patch Tracking
ID: 0000260
Category: [BusyBox] Networking Support
Severity: minor
Reproducibility: random
Date Submitted: 05-18-05 20:43
Last Update: 07-31-05 15:34
Reporter: keithsmith
View Status: public
Assigned To: BusyBox
Priority: normal
Resolution: fixed
Status: closed
Product Version: 1.00
Summary: 0000260: udhcpc doesn't validate client hardware address

Description: When udhcpc initiates a DHCP negotiation, it generates a transaction ID that it uses to identify server responses targeted to the current host. During the negotiation, udhcpc assumes that all packets received from the server tagged with the original transaction ID are valid for the current host.

However, if /dev/urandom has been seeded identically on a number of hosts, a subset of them may use the same transaction ID for their first interaction with the DHCP server. This means that they may act on offers and absorb ACKs that the server intended for a different host. In short, boxes may acquire IP addresses that the server wasn't offering to them, causing IP conflicts and hell with name resolution.

I am seeing this effect because my company's terminal product has a remote configuration tool that allows multiple boxes to be soft-rebooted simultaneously.

Admittedly the PRNG needs to be uniquely seeded on each device, but failure to do this should not necessarily cause IP conflicts on your network.
Additional Information: The patch contains a magic number, 6, representing the length of an ethernet MAC address. However,

grep -r '[^0-9\.]6[^0-9\.]' busybox-1.00/networking/udhcp

returns 22 matches, 20 of which contain a magic 6. It would be better to address this situation with a separate patch.


It is easier to reproduce this bug if you temporarily(!) alias /dev/urandom to /dev/zero.
Attached Files: udhcpc-check-chaddr.patch (583 bytes) 05-18-05 20:43

- Notes
(0000323)
pgf
07-20-05 12:13

Committed revision 10880.
 

- Issue History
Date Modified Username Field Change
05-18-05 20:43 keithsmith New Issue
05-18-05 20:43 keithsmith File Added: udhcpc-check-chaddr.patch
05-18-05 20:59 keithsmith Issue Monitored: keithsmith
06-01-05 13:53 keithsmith Issue End Monitor: keithsmith
07-20-05 12:13 pgf Status assigned => resolved
07-20-05 12:13 pgf Resolution open => fixed
07-20-05 12:13 pgf Note Added: 0000323
07-31-05 15:34 vapier Status resolved => closed

