Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d68a19f8 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'net-tunnel-name-validate' 



Eric Dumazet says:

====================
net: better validate user provided tunnel names

This series changes dev_valid_name() to not attempt reading
a possibly too long user-provided device name, then use
this helper in five different tunnel providers.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 06dd3dfe 537b361f

net/core/dev.c

+1 −1
Original line number Diff line number Diff line
@@ -1027,7 +1027,7 @@ bool dev_valid_name(const char *name) 
{

	if (*name == '\0')

		return false;

	if (strlen(name) >= IFNAMSIZ)

	if (strnlen(name, IFNAMSIZ) == IFNAMSIZ)

		return false;

	if (!strcmp(name, ".") || !strcmp(name, ".."))

		return false;

net/ipv4/ip_tunnel.c

+6 −5
Original line number Diff line number Diff line
@@ -253,13 +253,14 @@ static struct net_device *__ip_tunnel_create(struct net *net, 
	struct net_device *dev;

	char name[IFNAMSIZ];



	if (parms->name[0])

		strlcpy(name, parms->name, IFNAMSIZ);

	else {

		if (strlen(ops->kind) > (IFNAMSIZ - 3)) {

	err = -E2BIG;

	if (parms->name[0]) {

		if (!dev_valid_name(parms->name))

			goto failed;

		strlcpy(name, parms->name, IFNAMSIZ);

	} else {

		if (strlen(ops->kind) > (IFNAMSIZ - 3))

			goto failed;

		}

		strlcpy(name, ops->kind, IFNAMSIZ);

		strncat(name, "%d", 2);

	}

net/ipv6/ip6_gre.c

+5 −3
Original line number Diff line number Diff line
@@ -335,11 +335,13 @@ static struct ip6_tnl *ip6gre_tunnel_locate(struct net *net, 
	if (t || !create)

		return t;



	if (parms->name[0])

	if (parms->name[0]) {

		if (!dev_valid_name(parms->name))

			return NULL;

		strlcpy(name, parms->name, IFNAMSIZ);

	else

	} else {

		strcpy(name, "ip6gre%d");



	}

	dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,

			   ip6gre_tunnel_setup);

	if (!dev)

net/ipv6/ip6_tunnel.c

+7 −4
Original line number Diff line number Diff line
@@ -297,13 +297,16 @@ static struct ip6_tnl *ip6_tnl_create(struct net *net, struct __ip6_tnl_parm *p) 
	struct net_device *dev;

	struct ip6_tnl *t;

	char name[IFNAMSIZ];

	int err = -ENOMEM;

	int err = -E2BIG;



	if (p->name[0])

	if (p->name[0]) {

		if (!dev_valid_name(p->name))

			goto failed;

		strlcpy(name, p->name, IFNAMSIZ);

	else

	} else {

		sprintf(name, "ip6tnl%%d");



	}

	err = -ENOMEM;

	dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,

			   ip6_tnl_dev_setup);

	if (!dev)

net/ipv6/ip6_vti.c

+5 −2
Original line number Diff line number Diff line
@@ -212,10 +212,13 @@ static struct ip6_tnl *vti6_tnl_create(struct net *net, struct __ip6_tnl_parm *p 
	char name[IFNAMSIZ];

	int err;



	if (p->name[0])

	if (p->name[0]) {

		if (!dev_valid_name(p->name))

			goto failed;

		strlcpy(name, p->name, IFNAMSIZ);

	else

	} else {

		sprintf(name, "ip6_vti%%d");

	}



	dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup);

	if (!dev)