From: Yu Watanabe Date: Tue, 18 May 2021 04:02:16 +0000 (+0900) Subject: network: address label: refuse IPv4 mapped address with large prefix length X-Git-Tag: v249-rc1~76^2~43 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2551b422e1117a16607bb7719bf5597ef915ffaa;p=thirdparty%2Fsystemd.git network: address label: refuse IPv4 mapped address with large prefix length See ip6addrlbl_alloc() in net/ipv6/addrlabel.c of kernel. --- diff --git a/src/network/networkd-address-label.c b/src/network/networkd-address-label.c index 3152cbcca90..c697a55fb27 100644 --- a/src/network/networkd-address-label.c +++ b/src/network/networkd-address-label.c @@ -169,6 +169,8 @@ int config_parse_address_label_prefix(const char *unit, _cleanup_(address_label_free_or_set_invalidp) AddressLabel *n = NULL; Network *network = userdata; + unsigned char prefixlen; + union in_addr_union a; int r; assert(filename); @@ -181,11 +183,22 @@ int config_parse_address_label_prefix(const char *unit, if (r < 0) return log_oom(); - r = in_addr_prefix_from_string(rvalue, AF_INET6, &n->in_addr, &n->prefixlen); + r = in_addr_prefix_from_string(rvalue, AF_INET6, &a, &prefixlen); if (r < 0) { - log_syntax(unit, LOG_WARNING, filename, line, r, "Address label is invalid, ignoring assignment: %s", rvalue); + log_syntax(unit, LOG_WARNING, filename, line, r, + "Invalid prefix for address label, ignoring assignment: %s", rvalue); return 0; } + if (in6_addr_is_ipv4_mapped_address(&a.in6) && prefixlen > 96) { + /* See ip6addrlbl_alloc() in net/ipv6/addrlabel.c of kernel. */ + log_syntax(unit, LOG_WARNING, filename, line, 0, + "The prefix length of IPv4 mapped address for address label must be equal to or smaller than 96, " + "ignoring assignment: %s", rvalue); + return 0; + } + + n->in_addr = a; + n->prefixlen = prefixlen; TAKE_PTR(n); return 0;