DHCPv6 server crashes on lease expiration

Dennis Kou tah.mah.de at gmail.com
Tue Sep 18 17:21:57 UTC 2007


I am using dhcpd 4.0.0a2 w/ a Windows Vista client. Whenever I set the
default lease time to be small (60 seconds), the DHCPv6 server will
consistently crash when the lease expires. I have narrowed down the problem
and it seems to be dereferencing a null pointer in lease_timeout_support().

In particular, in lease_timeout_support(), when an addr is returned from
expire_lease6(), addr->iana is null. However, addr->ia_na is dereferenced by
write_ia_na() a little bit later.

Is anyone else experiencing this problem? What could be wrong? Here's a
possible patch that seems to fix this, but is likely to just be masking the
real problem:

Index: mdb6.c
===================================================================
--- mdb6.c
+++ mdb6.c
@@ -980,6 +980,11 @@
                if (addr == NULL) {
                        break;
                }
+               if (!addr->ia_na)
+                   continue;

                /* Look to see if there were ddns updates, and if
                 * so, drop them.

This is my configuration file:


default-lease-time 40;
max-lease-time 40;

ddns-updates off;
ddns-update-style none;
authoritative;

subnet6 fe80::/64 {
  range6 abcd:abcd:abcd:abcd::/64;
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20070918/768df489/attachment.html>


More information about the dhcp-users mailing list