From 7e7a1d107b7f2bb729836de25c4983f9615a2aa1 Mon Sep 17 00:00:00 2001 From: Sascha Hauer Date: Mon, 17 Aug 2020 13:25:19 +0200 Subject: [PATCH] iproute2: ip maddress: Check multiaddr length ip maddress add|del takes a MAC address as argument, so insist on getting a length of ETH_ALEN bytes. This makes sure the passed argument is actually a MAC address and especially not an IPv4 address which was previously accepted and silently taken as a MAC address. While at it, do not print *argv in the error path as this has been modified by ll_addr_a2n() and doesn't contain the full string anymore, which can lead to misleading error messages. Also while at it, replace the hardcoded buffer size with the actual buffer size using sizeof(). Signed-off-by: Sascha Hauer Signed-off-by: Stephen Hemminger --- ip/ipmaddr.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c index 3400e055a..d41ac63a7 100644 --- a/ip/ipmaddr.c +++ b/ip/ipmaddr.c @@ -291,7 +291,7 @@ static int multiaddr_modify(int cmd, int argc, char **argv) { struct ifreq ifr = {}; int family; - int fd; + int fd, len; if (cmd == RTM_NEWADDR) cmd = SIOCADDMULTI; @@ -313,9 +313,14 @@ static int multiaddr_modify(int cmd, int argc, char **argv) usage(); if (ifr.ifr_hwaddr.sa_data[0]) duparg("address", *argv); - if (ll_addr_a2n(ifr.ifr_hwaddr.sa_data, - 14, *argv) < 0) { - fprintf(stderr, "Error: \"%s\" is not a legal ll address.\n", *argv); + len = ll_addr_a2n(ifr.ifr_hwaddr.sa_data, + sizeof(ifr.ifr_hwaddr.sa_data), + *argv); + if (len < 0) + exit(1); + + if (len != ETH_ALEN) { + fprintf(stderr, "Error: Invalid address length %d - must be %d bytes\n", len, ETH_ALEN); exit(1); } } -- 2.47.2