socket-util: refuse ifnames with embedded '%' as invalid

So Linux has this (insane — in my opinion) "feature" that if you name a
network interface "foo%d" then it will automatically look for the
interface starting with "foo…" with the lowest number that is not used
yet and allocates that.

We should never clash with this "magic" handling of ifnames, hence
refuse this, since otherwise we never know what the name is we end up
with.

We should probably switch things from a deny list to an allow list
sooner or later and be much stricter. Since the kernel directly enforces
only very few rules on the names, we'd need to do some research what is
safe and what is not first, though.

diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c
index 8402e79c312c6622276add2610f3c46eeba6a2fd..552ec053ffe977e1816f8c1dbb8e01693094a948 100644 (file)
--- a/src/basic/socket-util.c
+++ b/src/basic/socket-util.c
@@ -787,7 +787,10 @@ bool ifname_valid_full(const char *p, IfnameValidFlags flags) {
                 if ((unsigned char) *t <= 32U)
                         return false;
 
-                if (IN_SET(*t, ':', '/'))
+                if (IN_SET(*t,
+                           ':',  /* colons are used by the legacy "alias" interface logic */
+                           '/',  /* slashes cannot work, since we need to use network interfaces in sysfs paths, and in paths slashes are separators */
+                           '%')) /* %d is used in the kernel's weird foo%d format string naming feature which we really really don't want to ever run into by accident */
                         return false;
 
                 numeric = numeric && (*t >= '0' && *t <= '9');

diff --git a/src/test/test-socket-netlink.c b/src/test/test-socket-netlink.c
index af3ccec166f6ccfb9b89d3c6d3b5d147ec22f01c..da484a40032d07a443d370f5caa47f75a0493ebe 100644 (file)
--- a/src/test/test-socket-netlink.c
+++ b/src/test/test-socket-netlink.c
@@ -74,7 +74,7 @@ static void test_socket_address_parse(void) {
         test_socket_address_parse_one("[::1]:1234%lo", 0, AF_INET6, NULL);
         test_socket_address_parse_one("[::1]:0%lo", -EINVAL, 0, NULL);
         test_socket_address_parse_one("[::1]%lo", -EINVAL, 0, NULL);
-        test_socket_address_parse_one("[::1]:1234%lo%lo", -ENODEV, 0, NULL);
+        test_socket_address_parse_one("[::1]:1234%lo%lo", -EINVAL, 0, NULL);
         test_socket_address_parse_one("[::1]:1234%xxxxasdf", -ENODEV, 0, NULL);
         test_socket_address_parse_one("192.168.1.254:8888", 0, AF_INET, NULL);
         test_socket_address_parse_one("/foo/bar", 0, AF_UNIX, NULL);