]> git.ipfire.org Git - thirdparty/iproute2.git/commitdiff
projects / thirdparty / iproute2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c2a85c3)
netns: more input validation
authorMatteo Croce <mcroce@redhat.com>
Tue, 25 Jul 2017 13:30:31 +0000 (15:30 +0200)
committerStephen Hemminger <stephen@networkplumber.org>
Thu, 27 Jul 2017 18:25:20 +0000 (11:25 -0700)
ip netns accepts invalid input as namespace name like an empty string or a
string longer than the maximum file name length.
Check that the netns name is not empty and less than or equal to NAME_MAX.

Signed-off-by: Matteo Croce <mcroce@redhat.com>
ip/ipnetns.c patch | blob | blame | history

diff --git a/ip/ipnetns.c b/ip/ipnetns.c
index 4254994442ccdfb57fab3dcd769cb795fbdcc88f..198e9de8c830a1bfcfdf28c9c460e7d53611bfe6 100644 (file)
--- a/ip/ipnetns.c
+++ b/ip/ipnetns.c
@@ -768,7 +768,8 @@ static int netns_monitor(int argc, char **argv)
 
 static int invalid_name(const char *name)
 {
-       return strchr(name, '/') || !strcmp(name, ".") || !strcmp(name, "..");
+       return !*name || strlen(name) > NAME_MAX ||
+               strchr(name, '/') || !strcmp(name, ".") || !strcmp(name, "..");
 }
 
 int do_netns(int argc, char **argv)
Mirror of https://git.kernel.org/pub/scm/network/iproute2/iproute2.git