From 7d55e5ead25fdfe33b4f6f14768da33b138a9a1b Mon Sep 17 00:00:00 2001
From: Martin Osvald
Date: Mon, 10 Oct 2022 15:25:29 +0200
Subject: [PATCH] Fix for CVE-2022-2929

Resolves: #2132246
---
 CVE-2022-2929.patch | 25 +++++++++++++++++++++++++
 dhcp.spec | 2 ++
 2 files changed, 27 insertions(+)
 create mode 100644 CVE-2022-2929.patch

diff --git a/CVE-2022-2929.patch b/CVE-2022-2929.patch
new file mode 100644
index 0000000..938a275
--- /dev/null
+++ b/CVE-2022-2929.patch
@@ -0,0 +1,25 @@
+diff --git a/common/options.c b/common/options.c
+index 40238f7..11b1961 100644
+--- a/common/options.c
++++ b/common/options.c
+@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options,
+ while (s < &bp -> data[0] + length + 2) {
+ len = *s;
+ if (len > 63) {
+- log_info ("fancy bits in fqdn option");
+- return 0;
++ log_info ("label length exceeds 63 in fqdn option");
++ goto bad;
+ }
+ if (len == 0) {
+ terminated = 1;
+ break;
+ }
+ if (s + len > &bp -> data [0] + length + 3) {
+- log_info ("fqdn tag longer than buffer");
+- return 0;
++ log_info ("fqdn label longer than buffer");
++ goto bad;
+ }
+
+ if (first_len == 0) {
diff --git a/dhcp.spec b/dhcp.spec
index 3e4cfaf..5d8043f 100644
--- a/dhcp.spec
+++ b/dhcp.spec
@@ -65,6 +65,7 @@ Patch29: 0029-Use-system-getaddrinfo-for-dhcp.patch
 Patch30: CVE-2021-25220.patch
 Patch31: omshell-hmac-sha512-support.patch
 Patch32: CVE-2022-2928.patch
+Patch33: CVE-2022-2929.patch
 BuildRequires: autoconf
@@ -517,6 +518,7 @@ done
 %changelog
 * Mon Oct 10 2022 Martin Osvald - 12:4.4.2-18.b1
 - Fix for CVE-2022-2928
+- Fix for CVE-2022-2929
 * Tue May 10 2022 Martin Osvald - 12:4.4.2-17.b1
 - omshell: add support for hmac-sha512 algorithm (#2083553)
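Review bot: The two `goto bad;` exits in the embedded `common/options.c` hunk rely on a `bad:` label that lies outside the hunk, so the cleanup they are meant to reach cannot be confirmed from this patch alone; `fqdn_universe_decode` starts before and continues past the lines shown. The old `return 0;` exits apparently skipped that cleanup for a malformed fqdn option, so it is worth checking that `bad:` releases everything allocated before the loop and that no other early `return 0;` remains further down the function. The patch file also begins directly at `diff --git` with no provenance; I would add a short free-text header above it such as `Upstream fix for CVE-2022-2929: <upstream commit or advisory reference>`.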
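Review bot: `Patch33: CVE-2022-2929.patch` only declares the patch; the diffstat shows two added lines in dhcp.spec (this one and the changelog entry), so no matching `%patch33` line is added. If `%prep`, which is outside the hunk, applies patches with `%autosetup` or `%autopatch`, this is sufficient. If it uses numbered `%patch` lines, the fix would ship in the source package without being applied. Checking the build log for the patch being applied to `common/options.c` would settle it.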