Project

General

Profile

Actions

Feature #13584

closed

Input validation for numbered DHCP options in static mappings

Added by Jonathan DeFreeuw about 2 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Low
Category:
DHCP (IPv4)
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Default

Description

Bug: Incorrectly formatted values in Additional BOOTP/DHCP Options for Static DHCP Mappings cause dhcpd to crash. For example, the Option

43:Text:"Raspberry Pi Boot   " 

will save as expected and apply, but dhcpd logs will show a failure.

Oct 19 12:41:43    dhcpd    86624    exiting.
Oct 19 12:41:43    dhcpd    86624    process and the information we find helpful for debugging.
Oct 19 12:41:43    dhcpd    86624    before submitting a bug. These pages explain the proper
Oct 19 12:41:43    dhcpd    86624    bugs on either our web page at www.isc.org or in the README file
Oct 19 12:41:43    dhcpd    86624    than a configuration issue please read the section on submitting
Oct 19 12:41:43    dhcpd    86624    If you think you have received this message due to a bug rather
Oct 19 12:41:43    dhcpd    86624    Configuration file errors encountered -- exiting
Oct 19 12:41:43    dhcpd    86624    ^
Oct 19 12:41:43    dhcpd    86624    option custom-s_lan_0-0 ""Raspberry
Oct 19 12:41:43    dhcpd    86624    /etc/dhcpd.conf line 47: semicolon expected.

Fix: Perform input validation in the Additional BOOTP/DHCP Options fields for Static DHCP Mappings entries in services_dhcp_edit.php:158 just as is currently being done in services_dhcp.php:477 .

Not a PHP developer in the slightest so don't really know where to start to actually implement and test any sort of input validation, but if someone wanted to walk me through some steps to get started, I'd be happy to take a crack at it and submit a pull request.


Files

clipboard-202210271205-fgbxc.png (50.3 KB) clipboard-202210271205-fgbxc.png Danilo Zrenjanin, 10/27/2022 05:05 AM

Related issues

Has duplicate Bug #13954: Invalid custom DHCP option data can cause the DHCP daemon to failDuplicate

Actions
Actions #1

Updated by Kris Phillips about 2 years ago

Hello Jonathan,

What version of pfSense or pfSense Plus did you test this on? The bug report includes no Affected Version information.

Actions #2

Updated by Jonathan DeFreeuw about 2 years ago

This is on 2.6.0-RELEASE (amd64).

Actions #3

Updated by Christian McDonald about 2 years ago

  • Assignee set to Christian McDonald
  • Target version set to 2.7.0
  • Plus Target Version set to 23.01
Actions #4

Updated by Christian McDonald about 2 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #5

Updated by Danilo Zrenjanin about 2 years ago

Tested on:

2.7.0-DEVELOPMENT (amd64)
built on Thu Oct 27 06:05:35 UTC 2022
FreeBSD 14.0-CURRENT

I couldn't save the config with quotation marks in the text field.

The following input errors were detected:

Text type cannot include quotation marks.

I am marking this ticket resolved.

Actions #6

Updated by Jim Pingle about 2 years ago

  • Tracker changed from Bug to Feature
  • Subject changed from Input Validation on DHCP Options for Static Mappings to Input validation for numbered DHCP options in static mappings

Updating subject for release notes.

Actions #7

Updated by Jim Pingle almost 2 years ago

  • Has duplicate Bug #13954: Invalid custom DHCP option data can cause the DHCP daemon to fail added
Actions

Also available in: Atom PDF