From cbcd4284111f56a233b0c68fba403650c1fb0ccc Mon Sep 17 00:00:00 2001 From: David Gibson Date: Sun, 3 May 2026 23:55:49 +0200 Subject: pif: Limit pif names to 128 bytes All current pif names are quite short, and we expect them to remain short when/if we allow arbitrary pifs. However, because of the structure of the current code we don't enforce any limit on the length. This will become more important with dynamic configuration updates, so start enforcing a length limit. Specifically we allow pif names to be up to 128 bytes (PIF_NAME_SIZE), including the terminating \0. This is more or less arbitrary, but seems like it should be comfortably enough for all the cases we have in mind. Signed-off-by: David Gibson Reviewed-by: Laurent Vivier [sbrivio: Fixed typo in comment, reported by Laurent] Signed-off-by: Stefano Brivio --- pif.c | 2 +- pif.h | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/pif.c b/pif.c index 1e80724..d5e3161 100644 --- a/pif.c +++ b/pif.c @@ -17,7 +17,7 @@ #include "inany.h" #include "epoll_ctl.h" -const char *pif_type_str[] = { +const char pif_type_str[][PIF_NAME_SIZE] = { [PIF_NONE] = "", [PIF_HOST] = "HOST", [PIF_TAP] = "TAP", diff --git a/pif.h b/pif.h index 7bb58e5..553c742 100644 --- a/pif.h +++ b/pif.h @@ -35,7 +35,9 @@ enum pif_type { PIF_NUM_TYPES, }; -extern const char *pif_type_str[]; +/* Maximum size of a pif name, including \0 */ +#define PIF_NAME_SIZE (128) +extern const char pif_type_str[][PIF_NAME_SIZE]; static inline const char *pif_type(enum pif_type pt) { @@ -43,6 +45,7 @@ static inline const char *pif_type(enum pif_type pt) return pif_type_str[pt]; else return "?"; + static_assert(sizeof("?") <= PIF_NAME_SIZE); } static inline const char *pif_name(uint8_t pif) -- cgit v1.2.3