[quagga-dev 3079] Re: bugs related to length of interface names
paul at clubi.ie
Fri Apr 1 23:32:22 BST 2005
On Fri, 1 Apr 2005, Andrew J. Schorr wrote:
> That is not the problem. The problem is that there is not a clear
> and consistent policy regarding the strings that are passed to
> if_lookup_by_name, if_get_by_name, and if_create.
> For example, look in zebra/if_ioctl.c:interface_list_ioctl().
> It includes a line that looks like this:
> ifp = if_get_by_name (ifreq->ifr_name);
Ah, oops, that's wrong. You're right.
> Is that valid? Or is it a bug? I don't know. Is ifreq->ifr_name
> guaranteed to have a NUL termination char? If it is, then the code
> is probably OK, except for the risk of false matches if the length
> somehow exceeds INTERFACE_NAMSIZ. But if it is a fixed-size buffer
> of length IFNAMSIZ, then this call could run off the end of the
> Yes, that is true of the ifname inside the structure, but not those
> that are roaming in the wild.
> want to add a check in each case. It is much easier simply to
> replace if_lookup_by_name(argv) with
> if_lookup_by_name_len(argv, strlen(argv)).
> No, I don't think so, I find this all a bit confusing. My thought
> is just to make the API require explicitly counted strings so we
> don't have to worry about subtle problems.
you're right :)
> At the moment, I don't think there are any problems if all the
> interface names are less than IFNAMSIZ in length. But if they go
> over that limit, there may be subtle bugs and/or unexpected
> behavior lurking in the code.
You are right Don Andrew :)
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
Go away! Stop bothering me with all your "compute this ... compute that"!
I'm taking a VAX-NAP.
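An added illustration, not part of the original message and not Quagga's code: a sketch of the explicitly counted lookup discussed in this thread, with a fixed-size name field measured by a bounded scan before it is looked up. The `demo_*` names, the interface table and both size constants are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>

#define DEMO_IFNAMSIZ 16          /* assumed size of an ifr_name-style field */
#define DEMO_INTERFACE_NAMSIZ 20  /* assumed internal name limit */

struct demo_if { char name[DEMO_INTERFACE_NAMSIZ + 1]; };

/* Constructed interface table; the last name fills all 16 bytes. */
static struct demo_if demo_table[] = {
    { "eth0" }, { "eth1" }, { "abcdefghijklmnop" }
};

/* Counted lookup: reads exactly namelen bytes of name, never more. */
static struct demo_if *demo_lookup_len(const char *name, size_t namelen)
{
    size_t i;
    if (namelen == 0 || namelen > DEMO_INTERFACE_NAMSIZ)
        return NULL;  /* reject; truncating could cause a false match */
    for (i = 0; i < sizeof demo_table / sizeof demo_table[0]; i++) {
        const char *n = demo_table[i].name;
        if (strlen(n) == namelen && memcmp(n, name, namelen) == 0)
            return &demo_table[i];
    }
    return NULL;
}

/* Caller with a fixed-size field that may have no NUL terminator. */
static struct demo_if *demo_lookup_fixed(const char *buf)
{
    const char *end = memchr(buf, '\0', DEMO_IFNAMSIZ);
    size_t len = end ? (size_t)(end - buf) : DEMO_IFNAMSIZ;
    return demo_lookup_len(buf, len);
}

/* Caller with an ordinary C string, such as a command argument. */
static struct demo_if *demo_lookup_cstr(const char *s)
{
    return demo_lookup_len(s, strlen(s));
}

int main(void)
{
    /* Constructed request: name uses all 16 bytes, so no terminator. */
    struct { char name[DEMO_IFNAMSIZ]; char next[4]; } req;
    memcpy(req.name, "abcdefghijklmnop", DEMO_IFNAMSIZ);
    memcpy(req.next, "XYZ", 4);
    return (demo_lookup_fixed(req.name) == &demo_table[2]
            && demo_lookup_cstr("eth0") == &demo_table[0]) ? 0 : 1;
}
```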