aboutgitcodebugslistschat
diff options
context:
space:
mode:
authorDavid Gibson <david@gibson.dropbear.id.au>2023-06-28 15:11:15 +1000
committerStefano Brivio <sbrivio@redhat.com>2023-06-28 17:51:25 +0200
commit4c98d3be800de94776b1ebdb7834be805af41d2d (patch)
tree547e9d0674ad2196ae6874cdd3171c54e7613677
parentc4017cc4a16b1b7d1854498ba64ed27e5a3d0555 (diff)
downloadpasst-4c98d3be800de94776b1ebdb7834be805af41d2d.tar
passt-4c98d3be800de94776b1ebdb7834be805af41d2d.tar.gz
passt-4c98d3be800de94776b1ebdb7834be805af41d2d.tar.bz2
passt-4c98d3be800de94776b1ebdb7834be805af41d2d.tar.lz
passt-4c98d3be800de94776b1ebdb7834be805af41d2d.tar.xz
passt-4c98d3be800de94776b1ebdb7834be805af41d2d.tar.zst
passt-4c98d3be800de94776b1ebdb7834be805af41d2d.zip
conf: Correct length checking of interface names in conf_ports()
When interface names are specified in forwarding specs, we need to check the length of the given interface name against the limit of IFNAMSIZ - 1 (15) characters. However, we managed to have 3 separate off-by-one errors here meaning we only accepted interface names up to 12 characters. 1. At the point of the check 'ifname' was still on the '%' character, not the first character of the name, meaning we overestimated the length by one 2. At the point of the check 'spec' had been advanced one character past the '/' which terminates the interface name, meaning we overestimated the length by another one 3. We checked if the (miscalculated) length was >= IFNAMSIZ - 1, that is >= 15, whereas lengths equal to 15 should be accepted. Correct all 3 errors. Link: https://bugs.passt.top/show_bug.cgi?id=61 Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r--conf.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/conf.c b/conf.c
index 1906436..78eaf2d 100644
--- a/conf.c
+++ b/conf.c
@@ -256,11 +256,16 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
goto bad;
if ((ifname = strchr(buf, '%'))) {
- if (spec - ifname >= IFNAMSIZ - 1)
- goto bad;
-
*ifname = 0;
ifname++;
+
+ /* spec is already advanced one past the '/',
+ * so the length of the given ifname is:
+ * (spec - ifname - 1)
+ */
+ if (spec - ifname - 1 >= IFNAMSIZ)
+ goto bad;
+
}
if (ifname == buf + 1) /* Interface without address */