ipc: linux: enforce IFNAMSIZ limit

libmnl doesn't check lengths, so do our own checking before copying the
interface name to the netlink buffer.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

diff --git a/src/ipc-linux.h b/src/ipc-linux.h
index 5883ffe6bd1fefe72e95a9beda2b41fea8b991c6..d29c0c5dbf9b5c72329a359b3ae482c8571eeeef 100644 (file)
--- a/src/ipc-linux.h
+++ b/src/ipc-linux.h
@@ -479,6 +479,12 @@ static int kernel_get_device(struct wgdevice **device, const char *iface)
        struct nlmsghdr *nlh;
        struct mnlg_socket *nlg;
 
+       /* libmnl doesn't check the buffer size, so enforce that before using. */
+       if (strlen(iface) >= IFNAMSIZ) {
+               errno = ENAMETOOLONG;
+               return -ENAMETOOLONG;
+       }
+
 try_again:
        ret = 0;
        *device = calloc(1, sizeof(**device));