From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 15 Feb 2021 21:49:36 +0000 (+0100)
Subject: socket-util: tighten parsing of ifnames
X-Git-Tag: v248-rc1~111^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F18611%2Fhead;p=thirdparty%2Fsystemd.git

socket-util: tighten parsing of ifnames

Numeric ifnames should be acceptable only if that's enabled by flag, and
refused otherwise. Hence, let's parse as ifindex first, and if that
works decide. Finally, let's refuse any numeric ifnames that are not
valid ifindexs, but look like them.
---

diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c
index 59039bea4ff..8267988ad9c 100644
--- a/src/basic/socket-util.c
+++ b/src/basic/socket-util.c
@@ -721,6 +721,10 @@ bool ifname_valid_full(const char *p, IfnameValidFlags flags) {
         if (isempty(p))
                 return false;
 
+        /* A valid ifindex? If so, it's valid iff IFNAME_VALID_NUMERIC is set */
+        if (parse_ifindex(p) >= 0)
+                return flags & IFNAME_VALID_NUMERIC;
+
         if (flags & IFNAME_VALID_ALTERNATIVE) {
                 if (strlen(p) >= ALTIFNAMSIZ)
                         return false;
@@ -745,14 +749,10 @@ bool ifname_valid_full(const char *p, IfnameValidFlags flags) {
                 numeric = numeric && (*t >= '0' && *t <= '9');
         }
 
-        if (numeric) {
-                if (!(flags & IFNAME_VALID_NUMERIC))
-                        return false;
-
-                /* Verify that the number is well-formatted and in range. */
-                if (parse_ifindex(p) < 0)
-                        return false;
-        }
+        /* It's fully numeric but didn't parse as valid ifindex above? if so, it must be too large or zero or
+         * so, let's refuse that. */
+        if (numeric)
+                return false;
 
         return true;
 }