| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Feb 2014 13:59:01 +0100 (CET)
From: Michal Kubecek <mkubecek@...e.cz>
To: Stephen Hemminger <stephen@...workplumber.org>
Cc: netdev@...r.kernel.org
Subject: [PATCH iproute2 net-next-for-3.13] iplink_bond: fix parameter value
matching
Lookup function get_index() compares argument with table entries
only up to the length of the table entry so that if an entry
with lower index is a substring of a later one, earlier entry is
used even if the argument is equal to the other. For example,
ip link set bond0 type bond xmit_hash_policy layer2+3
sets xmit_hash_policy to 0 (layer2) as this is found before
"layer2+3" can be checked.
I believe the reason for using strncmp() rather than simple
strcmp() was to allow abbreviations which means maximum length
for comparison should be length of the string looked up.
However, this would cause a problem if shorter value follows
longer one and shorter one is entered (there is no such case now
but it might happen in the future). So let's try to find an
exact match first and only if none is found, do a second pass
with checking for abbreviated values.
Fixes: 63d127b0 ("iproute2: finish support for bonding attributes")
Signed-off-by: Michal Kubecek <mkubecek@...e.cz>
---
ip/iplink_bond.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/ip/iplink_bond.c b/ip/iplink_bond.c
index f22151e..4cd6843 100644
--- a/ip/iplink_bond.c
+++ b/ip/iplink_bond.c
@@ -105,8 +105,14 @@ static int get_index(const char **tbl, char *name)
if (i == index)
return i;
+ /* first check for an exact match */
for (i = 0; tbl[i]; i++)
- if (strncmp(tbl[i], name, strlen(tbl[i])) == 0)
+ if (strcmp(tbl[i], name) == 0)
+ return i;
+
+ /* no exact match, try to interpret as an abbreviation */
+ for (i = 0; tbl[i]; i++)
+ if (strncmp(tbl[i], name, strlen(name)) == 0)
return i;
return -1;
--
1.8.1.4
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists