lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Feb 2014 13:59:01 +0100 (CET) From: Michal Kubecek <mkubecek@...e.cz> To: Stephen Hemminger <stephen@...workplumber.org> Cc: netdev@...r.kernel.org Subject: [PATCH iproute2 net-next-for-3.13] iplink_bond: fix parameter value matching Lookup function get_index() compares argument with table entries only up to the length of the table entry so that if an entry with lower index is a substring of a later one, earlier entry is used even if the argument is equal to the other. For example, ip link set bond0 type bond xmit_hash_policy layer2+3 sets xmit_hash_policy to 0 (layer2) as this is found before "layer2+3" can be checked. I believe the reason for using strncmp() rather than simple strcmp() was to allow abbreviations which means maximum length for comparison should be length of the string looked up. However, this would cause a problem if shorter value follows longer one and shorter one is entered (there is no such case now but it might happen in the future). So let's try to find an exact match first and only if none is found, do a second pass with checking for abbreviated values. Fixes: 63d127b0 ("iproute2: finish support for bonding attributes") Signed-off-by: Michal Kubecek <mkubecek@...e.cz> --- ip/iplink_bond.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/ip/iplink_bond.c b/ip/iplink_bond.c index f22151e..4cd6843 100644 --- a/ip/iplink_bond.c +++ b/ip/iplink_bond.c @@ -105,8 +105,14 @@ static int get_index(const char **tbl, char *name) if (i == index) return i; + /* first check for an exact match */ for (i = 0; tbl[i]; i++) - if (strncmp(tbl[i], name, strlen(tbl[i])) == 0) + if (strcmp(tbl[i], name) == 0) + return i; + + /* no exact match, try to interpret as an abbreviation */ + for (i = 0; tbl[i]; i++) + if (strncmp(tbl[i], name, strlen(name)) == 0) return i; return -1; -- 1.8.1.4 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists