diff options
| author | Eric Dumazet <edumazet@google.com> | 2018-04-05 09:39:30 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2018-04-05 15:16:15 -0400 |
| commit | db7a65e3ab78e5b1c4b17c0870ebee35a4ee3257 (patch) | |
| tree | 08760c2cc85ab1d65a4a8ac1c1c22d490d27325a /net/ipv6 | |
| parent | 5f42df013b8bc1b6511af7a04bf93b014884ae2a (diff) | |
ip6_tunnel: better validate user provided tunnel names
Use valid_name() to make sure user does not provide illegal
device name.
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/ip6_tunnel.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c index df4c29f7d59f..da66aaac51ce 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c | |||
| @@ -297,13 +297,16 @@ static struct ip6_tnl *ip6_tnl_create(struct net *net, struct __ip6_tnl_parm *p) | |||
| 297 | struct net_device *dev; | 297 | struct net_device *dev; |
| 298 | struct ip6_tnl *t; | 298 | struct ip6_tnl *t; |
| 299 | char name[IFNAMSIZ]; | 299 | char name[IFNAMSIZ]; |
| 300 | int err = -ENOMEM; | 300 | int err = -E2BIG; |
| 301 | 301 | ||
| 302 | if (p->name[0]) | 302 | if (p->name[0]) { |
| 303 | if (!dev_valid_name(p->name)) | ||
| 304 | goto failed; | ||
| 303 | strlcpy(name, p->name, IFNAMSIZ); | 305 | strlcpy(name, p->name, IFNAMSIZ); |
| 304 | else | 306 | } else { |
| 305 | sprintf(name, "ip6tnl%%d"); | 307 | sprintf(name, "ip6tnl%%d"); |
| 306 | 308 | } | |
| 309 | err = -ENOMEM; | ||
| 307 | dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, | 310 | dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, |
| 308 | ip6_tnl_dev_setup); | 311 | ip6_tnl_dev_setup); |
| 309 | if (!dev) | 312 | if (!dev) |