ipc: linux: enforce IFNAMSIZ limit

libmnl doesn't check lengths, so do our own checking before copying the
interface name to the netlink buffer.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2023-08-04 16:04:36 +02:00
parent 729242a114
commit 13f4ac4cb7
1 changed files with 6 additions and 0 deletions

View File

@ -479,6 +479,12 @@ static int kernel_get_device(struct wgdevice **device, const char *iface)
struct nlmsghdr *nlh; struct nlmsghdr *nlh;
struct mnlg_socket *nlg; struct mnlg_socket *nlg;
/* libmnl doesn't check the buffer size, so enforce that before using. */
if (strlen(iface) >= IFNAMSIZ) {
errno = ENAMETOOLONG;
return -ENAMETOOLONG;
}
try_again: try_again:
ret = 0; ret = 0;
*device = calloc(1, sizeof(**device)); *device = calloc(1, sizeof(**device));