Opened 22 months ago

Last modified 3 months ago

#4515 new defect

Max allowed client-id is specified incorrectly (short by 4 bytes)

Reported by: tomek Owned by:
Priority: low Milestone: Kea1.x
Component: database-all Version: git
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: DHCP Feature Depending on Ticket:
Estimated Difficulty: 0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no


This came up during Cassandra code review. ClientId? class (src/lib/dhcp/duid.h) defines max length as:

    static const size_t MAX_CLIENT_ID_LEN = DUID::MAX_DUID_LEN;

Where max DUID len is 128. That value is correct. However, once the DUID is put in the client-id option, there are four extra bytes for storing iaid. See Section 6.1 of RFC4361). So the max length should be 132, not 128.

This is minor thing as I hope nobody would use DUIDs and client-ids that long.

I'm afraid this may have a tendency to affect backends if they mis-implemented the field size.


Change History (3)

comment:1 Changed 21 months ago by hschempf

  • Milestone changed from Kea-proposed to Outstanding Tasks

Per June 9 team meeting, move to outstanding

comment:2 Changed 5 months ago by fdupont

  • Milestone changed from Outstanding Tasks to Kea-proposed

Still a bug to fix...

comment:3 Changed 3 months ago by tomek

  • Milestone changed from Kea-proposed to Kea1.x
Note: See TracTickets for help on using tickets.