From: David Gibson
To: passt-dev@passt.top, Stefano Brivio
CC: David Gibson
Subject: [PATCH 1/2] conf: Fix size checking of -I interface name
Date: Wed, 28 Jun 2023 15:11:14 +1000
Message-ID: <20230628051115.3692777-2-david@gibson.dropbear.id.au>
In-Reply-To: <20230628051115.3692777-1-david@gibson.dropbear.id.au>
References: <20230628051115.3692777-1-david@gibson.dropbear.id.au>
X-Mailer: git-send-email 2.41.0
List-Id: Development discussion and patches for passt

Network interface names must fit in a buffer of IFNAMSIZ bytes, including
the terminating \0. IFNAMSIZ is 16 on Linux, so interface names can be up
to (and including) 15 characters long.

We validate this for the -I option, but we have an off-by-one error. We
pass (IFNAMSIZ - 1) as the buffer size to snprintf(), but that buffer size
already includes the terminating \0, so this actually truncates the value
to 14 characters. The return value returned from snprintf(), however, is
the number of characters that would have been printed *excluding* the
terminating \0, so by comparing it >= IFNAMSIZ - 1 we are giving an error
on names >= 15 characters rather than strictly > 15 characters.

Bugzilla: https://bugs.passt.top/show_bug.cgi?id=61
Signed-off-by: David Gibson
---
 conf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/conf.c b/conf.c index 68487a41..19064368 100644 --- a/conf.c +++ b/conf.c
@@ -1439,9 +1439,9 @@ void conf(struct ctx *c, int argc, char **argv) if (*c->pasta_ifn) die("Multiple --ns-ifname options given"); - ret = snprintf(c->pasta_ifn, IFNAMSIZ - 1, "%s", + ret = snprintf(c->pasta_ifn, IFNAMSIZ, "%s", optarg); - if (ret <= 0 || ret >= IFNAMSIZ - 1) + if (ret <= 0 || ret >= IFNAMSIZ) die("Invalid interface name: %s", optarg); break; -- 2.41.0
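
Review bot: the bound is now spelled IFNAMSIZ in two places, the snprintf() size argument and the `ret >= IFNAMSIZ` check, and both have to match the declared size of c->pasta_ifn, which this hunk does not show. If pasta_ifn is an array, using sizeof(c->pasta_ifn) in both places would tie the truncation check to the buffer itself; the `ret <= 0` test is evaluated first, so a negative return never reaches the comparison against the unsigned size, though an explicit cast would make that clearer. A one-line comment stating that snprintf() returns the length excluding the terminating \0, so `ret >= IFNAMSIZ` means the name was truncated, would make the off-by-one harder to reintroduce. A test that passes a 15-character name (accepted) and a 16-character name (rejected) would pin the boundary described in the commit message.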