Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

NetworkConfiguration/dhcpcd
master @ 8b31291
46
Fixes
0
CVEs
CRITICAL
Peak severity
Highlights
Buffer Overflow: 13 prior fixes. Scrutinize any change in this area.
dhcp.c: most-fixed (8 issues). Treat as high-risk during review.
24 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Buffer Overflow: Parsing complex, multi-part, or nested options (like CIDR routing or SIP server options) frequently triggers out-of-bounds writes if option length fields are not rigorously validated against actual allocated buffer bounds.
Sandbox Escape: Processing untrusted input (such as dumping lease files from stdin) before the privilege separation and isolation mechanics are fully initialized allows attackers to exploit memory bugs in a highly privileged context.
Command Injection: String-valued DHCP configuration options passed directly to hook scripts run by the shell are subject to command injection (including Shellshock variant vectors) unless strictly escaped.