Project

General

Profile

Actions
Copy link

Feature #13584

closed

Input validation for numbered DHCP options in static mappings

Added by Jonathan DeFreeuw over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Low
Assignee:
Christian McDonald
Category:
DHCP (IPv4)
Target version:
2.7.0
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Default

Description

Bug: Incorrectly formatted values in Additional BOOTP/DHCP Options for Static DHCP Mappings cause dhcpd to crash. For example, the Option

43:Text:"Raspberry Pi Boot   "

will save as expected and apply, but dhcpd logs will show a failure.

Oct 19 12:41:43    dhcpd    86624    exiting.
Oct 19 12:41:43    dhcpd    86624    process and the information we find helpful for debugging.
Oct 19 12:41:43    dhcpd    86624    before submitting a bug. These pages explain the proper
Oct 19 12:41:43    dhcpd    86624    bugs on either our web page at www.isc.org or in the README file
Oct 19 12:41:43    dhcpd    86624    than a configuration issue please read the section on submitting
Oct 19 12:41:43    dhcpd    86624    If you think you have received this message due to a bug rather
Oct 19 12:41:43    dhcpd    86624    Configuration file errors encountered -- exiting
Oct 19 12:41:43    dhcpd    86624    ^
Oct 19 12:41:43    dhcpd    86624    option custom-s_lan_0-0 ""Raspberry
Oct 19 12:41:43    dhcpd    86624    /etc/dhcpd.conf line 47: semicolon expected.

Fix: Perform input validation in the Additional BOOTP/DHCP Options fields for Static DHCP Mappings entries in services_dhcp_edit.php:158 just as is currently being done in services_dhcp.php:477 .

Not a PHP developer in the slightest so don't really know where to start to actually implement and test any sort of input validation, but if someone wanted to walk me through some steps to get started, I'd be happy to take a crack at it and submit a pull request.

Files

clipboard-202210271205-fgbxc.png (50.3 KB) clipboard-202210271205-fgbxc.png Danilo Zrenjanin, 10/27/2022 05:05 AM

Related issues

Has duplicate Bug #13954: Invalid custom DHCP option data can cause the DHCP daemon to failDuplicate

Actions
Actions
Copy link
 #1

Updated by Kris Phillips over 1 year ago

Hello Jonathan,

What version of pfSense or pfSense Plus did you test this on? The bug report includes no Affected Version information.

Actions
Copy link
 #2

Updated by Jonathan DeFreeuw over 1 year ago

This is on 2.6.0-RELEASE (amd64).

Actions
Copy link
 #3

Updated by Christian McDonald over 1 year ago

  • Assignee set to Christian McDonald
  • Target version set to 2.7.0
  • Plus Target Version set to 23.01
Actions
Copy link
 #4

Updated by Christian McDonald over 1 year ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions
Copy link
 #5

Updated by Danilo Zrenjanin over 1 year ago

Tested on:

2.7.0-DEVELOPMENT (amd64)
built on Thu Oct 27 06:05:35 UTC 2022
FreeBSD 14.0-CURRENT

I couldn't save the config with quotation marks in the text field.

The following input errors were detected:

Text type cannot include quotation marks.

I am marking this ticket resolved.

Actions
Copy link
 #6

Updated by Jim Pingle over 1 year ago

  • Tracker changed from Bug to Feature
  • Subject changed from Input Validation on DHCP Options for Static Mappings to Input validation for numbered DHCP options in static mappings

Updating subject for release notes.

Actions
Copy link
 #7

Updated by Jim Pingle about 1 year ago

  • Has duplicate Bug #13954: Invalid custom DHCP option data can cause the DHCP daemon to fail added
Actions
Copy link

Also available in: Atom PDF