From: Sascha Hauer Date: Mon, 17 Aug 2020 11:25:19 +0000 (+0200) Subject: iproute2: ip maddress: Check multiaddr length X-Git-Tag: v5.9.0~14 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7e7a1d107b7f2bb729836de25c4983f9615a2aa1;p=thirdparty%2Fiproute2.git iproute2: ip maddress: Check multiaddr length ip maddress add|del takes a MAC address as argument, so insist on getting a length of ETH_ALEN bytes. This makes sure the passed argument is actually a MAC address and especially not an IPv4 address which was previously accepted and silently taken as a MAC address. While at it, do not print *argv in the error path as this has been modified by ll_addr_a2n() and doesn't contain the full string anymore, which can lead to misleading error messages. Also while at it, replace the hardcoded buffer size with the actual buffer size using sizeof(). Signed-off-by: Sascha Hauer Signed-off-by: Stephen Hemminger --- diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c index 3400e055a..d41ac63a7 100644 --- a/ip/ipmaddr.c +++ b/ip/ipmaddr.c @@ -291,7 +291,7 @@ static int multiaddr_modify(int cmd, int argc, char **argv) { struct ifreq ifr = {}; int family; - int fd; + int fd, len; if (cmd == RTM_NEWADDR) cmd = SIOCADDMULTI; @@ -313,9 +313,14 @@ static int multiaddr_modify(int cmd, int argc, char **argv) usage(); if (ifr.ifr_hwaddr.sa_data[0]) duparg("address", *argv); - if (ll_addr_a2n(ifr.ifr_hwaddr.sa_data, - 14, *argv) < 0) { - fprintf(stderr, "Error: \"%s\" is not a legal ll address.\n", *argv); + len = ll_addr_a2n(ifr.ifr_hwaddr.sa_data, + sizeof(ifr.ifr_hwaddr.sa_data), + *argv); + if (len < 0) + exit(1); + + if (len != ETH_ALEN) { + fprintf(stderr, "Error: Invalid address length %d - must be %d bytes\n", len, ETH_ALEN); exit(1); } }