[quagga-dev 3079] Re: bugs related to length of interface names

Paul Jakma paul at clubi.ie
Fri Apr 1 23:32:22 BST 2005

On Fri, 1 Apr 2005, Andrew J. Schorr wrote:

> That is not the problem.  The problem is that there is not a clear 
> and consistent policy regarding the strings that are passed to 
> if_lookup_by_name, if_get_by_name, and if_create.
> For example, look in zebra/if_ioctl.c:interface_list_ioctl().
> It includes a line that looks like this:
>   ifp = if_get_by_name (ifreq->ifr_name);

Ah, oops, that's wrong. You're right.

> Is that valid?  Or is it a bug?  I don't know.  Is ifreq->ifr_name 
> guaranteed to have a NUL termination char?  If it is, then the code 
> is probably OK, except for the risk of false matches if the length 
> somehow exceeds INTERFACE_NAMSIZ.  But if it is a fixed-size buffer 
> of length IFNAMSIZ, then this call could run off the end of the 
> buffer.


> Yes, that is true of the ifname inside the structure, but not those
> that are roaming in the wild.


> want to add a check in each case.  It is much easier simply to 
> replace if_lookup_by_name(argv[1]) with 
> if_lookup_by_name_len(argv[1], strlen(argv[1])).


> No, I don't think so, I find this all a bit confusing.  My thought 
> is just to make the API require explicitly counted strings so we 
> don't have to worry about subtle problems.

you're right :)

> At the moment, I don't think there are any problems if all the 
> interface names are less than IFNAMSIZ in length.  But if they go 
> over that limit, there may be subtle bugs and/or unexpected 
> behavior lurking in the code.

You are right Don Andrew :)

Paul Jakma	paul at clubi.ie	paul at jakma.org	Key ID: 64A2FF6A
Go away! Stop bothering me with all your "compute this ... compute that"!
I'm taking a VAX-NAP.


More information about the Quagga-dev mailing list