From d832d7ce95478b595bbf966ffef644b6efaeee7d Mon Sep 17 00:00:00 2001
From: Simon Zolin <s.zolin@adguard.com>
Date: Thu, 7 Mar 2019 14:06:35 +0300
Subject: [PATCH] * dhcp: don't process Discover/Request packets with empty
 client HW address

---
 dhcpd/dhcpd.go | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/dhcpd/dhcpd.go b/dhcpd/dhcpd.go
index f7d99d36..86aa6fa9 100644
--- a/dhcpd/dhcpd.go
+++ b/dhcpd/dhcpd.go
@@ -325,6 +325,17 @@ func (s *Server) ServeDHCP(p dhcp4.Packet, msgType dhcp4.MessageType, options dh
 	return nil
 }
 
+// Return TRUE if DHCP packet is correct
+func isValidPacket(p dhcp4.Packet) bool {
+	hw := p.CHAddr()
+	zeroes := make([]byte, len(hw))
+	if bytes.Equal(hw, zeroes) {
+		log.Tracef("Packet has empty CHAddr")
+		return false
+	}
+	return true
+}
+
 func (s *Server) handleDiscover(p dhcp4.Packet, options dhcp4.Options) dhcp4.Packet {
 	// find a lease, but don't update lease time
 	var lease *Lease
@@ -335,6 +346,10 @@ func (s *Server) handleDiscover(p dhcp4.Packet, options dhcp4.Options) dhcp4.Pac
 	log.Tracef("Message from client: Discover.  ReqIP: %s  HW: %s  Hostname: %s",
 		reqIP, p.CHAddr(), hostname)
 
+	if !isValidPacket(p) {
+		return nil
+	}
+
 	lease = s.findLease(p)
 	for lease == nil {
 		lease, err = s.reserveLease(p)
@@ -360,6 +375,10 @@ func (s *Server) handleDHCP4Request(p dhcp4.Packet, options dhcp4.Options) dhcp4
 	log.Tracef("Message from client: Request.  IP: %s  ReqIP: %s  HW: %s",
 		p.CIAddr(), reqIP, p.CHAddr())
 
+	if !isValidPacket(p) {
+		return nil
+	}
+
 	server := options[dhcp4.OptionServerIdentifier]
 	if server != nil && !net.IP(server).Equal(s.ipnet.IP) {
 		log.Tracef("Request message not for this DHCP server (%v vs %v)", server, s.ipnet.IP)