| From foo@baz Wed Apr 11 10:26:56 CEST 2018 |
| From: Eric Dumazet <edumazet@google.com> |
| Date: Thu, 5 Apr 2018 06:39:31 -0700 |
| Subject: vti6: better validate user provided tunnel names |
| |
| From: Eric Dumazet <edumazet@google.com> |
| |
| |
| [ Upstream commit 537b361fbcbcc3cd6fe2bb47069fd292b9256d16 ] |
| |
| Use valid_name() to make sure user does not provide illegal |
| device name. |
| |
| Fixes: ed1efb2aefbb ("ipv6: Add support for IPsec virtual tunnel interfaces") |
| Signed-off-by: Eric Dumazet <edumazet@google.com> |
| Cc: Steffen Klassert <steffen.klassert@secunet.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/ipv6/ip6_vti.c | 7 +++++-- |
| 1 file changed, 5 insertions(+), 2 deletions(-) |
| |
| --- a/net/ipv6/ip6_vti.c |
| +++ b/net/ipv6/ip6_vti.c |
| @@ -212,10 +212,13 @@ static struct ip6_tnl *vti6_tnl_create(s |
| char name[IFNAMSIZ]; |
| int err; |
| |
| - if (p->name[0]) |
| + if (p->name[0]) { |
| + if (!dev_valid_name(p->name)) |
| + goto failed; |
| strlcpy(name, p->name, IFNAMSIZ); |
| - else |
| + } else { |
| sprintf(name, "ip6_vti%%d"); |
| + } |
| |
| dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup); |
| if (!dev) |
