From a2bc254bed53a7d9e6d6d64285ca17bc5091a17f Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Thu, 21 Apr 2016 22:34:22 +0100
Subject: [PATCH] Check return-code of inet_pton when parsing DHCPv4 options.

---
 CHANGELOG    | 5 +++++
 src/option.c | 7 ++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 9218b8c..fced746 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -56,6 +56,11 @@ version 2.76
 	    Add --tftp-mtu option. Thanks to Patrick McLean for the 
 	    initial patch.
 
+	    Check return-code of inet_pton() when parsing dhcp-option.
+	    Bad addresses could fail to generate errors and result in
+	    garbage dhcp-options being sent. Thanks to Marc Branchaud 
+	    for spotting this.
+
 
 version 2.75
             Fix reversion on 2.74 which caused 100% CPU use when a 
diff --git a/src/option.c b/src/option.c
index df286ff..df390b1 100644
--- a/src/option.c
+++ b/src/option.c
@@ -1199,7 +1199,8 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags)
 	      cp = comma;
 	      comma = split(cp);
 	      slash = split_chr(cp, '/');
-	      inet_pton(AF_INET, cp, &in);
+	      if (!inet_pton(AF_INET, cp, &in))
+		ret_err(_("bad IPv4 address"));
 	      if (!slash)
 		{
 		  memcpy(op, &in, INADDRSZ);
@@ -3658,8 +3659,8 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
 	    (!(inet_pton(AF_INET, a[1], &new->out) > 0)))
 	  option = '?';
 	
-	if (k == 3)
-	  inet_pton(AF_INET, a[2], &new->mask);
+	if (k == 3 && !inet_pton(AF_INET, a[2], &new->mask))
+	  option = '?';
 	
 	if (dash && 
 	    (!(inet_pton(AF_INET, dash, &new->end) > 0) ||