| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170927084249.0591ee3a@shemminger-XPS-13-9360>
Date: Wed, 27 Sep 2017 08:42:49 +0100
From: Stephen Hemminger <stephen@...workplumber.org>
To: Phil Sutter <phil@....cc>
Cc: netdev@...r.kernel.org
Subject: Re: [iproute PATCH v2 0/3] Check user supplied interface name
lengths
On Tue, 26 Sep 2017 18:35:45 +0200
Phil Sutter <phil@....cc> wrote:
> This series adds explicit checks for user-supplied interface names to
> make sure their length fits Linux's requirements.
>
> The first two patches simplify interface name parsing in some places -
> these are side-effects of working on the actual implementation provided
> in patch three.
>
> Changes since v1:
> - Patches 1 and 2 introduced.
> - Changes to patch 3 are listed in there.
>
> Phil Sutter (3):
> ip{6,}tunnel: Avoid copying user-supplied interface name around
> tc: flower: No need to cache indev arg
> Check user supplied interface name lengths
>
> include/utils.h | 1 +
> ip/ip6tunnel.c | 9 +++++----
> ip/ipl2tp.c | 3 ++-
> ip/iplink.c | 27 ++++++++-------------------
> ip/ipmaddr.c | 1 +
> ip/iprule.c | 4 ++++
> ip/iptunnel.c | 27 +++++++++++++--------------
> ip/iptuntap.c | 4 +++-
> lib/utils.c | 10 ++++++++++
> misc/arpd.c | 1 +
> tc/f_flower.c | 6 ++----
> 11 files changed, 50 insertions(+), 43 deletions(-)
>
I like the idea, and checking arguments is good.
Why not merge the check and copy and put in lib/utils.c
int get_ifname(char *name, const char *arg)
{
...
Powered by blists - more mailing lists