diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-05-06 20:58:32 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2016-05-09 15:45:31 +0200 |
| commit | ef76dff225a00008fe0edd1f528c9096f1a91179 (patch) | |
| tree | e3e56ed2a228d8c265c709fc97a408af6bb1a3e9 /src/basic | |
| parent | 5e7423ff25b4b9b0a32753b9d1ec82a36e34b290 (diff) | |
util-lib: add new ifname_valid() call that validates interface names
Make use of this in nspawn at a couple of places. A later commit should port
more code over to this, including networkd.
Diffstat (limited to 'src/basic')
| -rw-r--r-- | src/basic/socket-util.c | 38 | ||||
| -rw-r--r-- | src/basic/socket-util.h | 2 |
2 files changed, 40 insertions, 0 deletions
diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c index c634f1d564..c8769a54f4 100644 --- a/src/basic/socket-util.c +++ b/src/basic/socket-util.c @@ -43,7 +43,9 @@ #include "socket-util.h" #include "string-table.h" #include "string-util.h" +#include "strv.h" #include "user-util.h" +#include "utf8.h" #include "util.h" int socket_address_parse(SocketAddress *a, const char *s) { @@ -795,6 +797,42 @@ static const char* const ip_tos_table[] = { DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff); +bool ifname_valid(const char *p) { + bool numeric = true; + + /* Checks whether a network interface name is valid. This is inspired by dev_valid_name() in the kernel sources + * but slightly stricter, as we only allow non-control, non-space ASCII characters in the interface name. We + * also don't permit names that only container numbers, to avoid confusion with numeric interface indexes. */ + + if (isempty(p)) + return false; + + if (strlen(p) >= IFNAMSIZ) + return false; + + if (STR_IN_SET(p, ".", "..")) + return false; + + while (*p) { + if ((unsigned char) *p >= 127U) + return false; + + if ((unsigned char) *p <= 32U) + return false; + + if (*p == ':' || *p == '/') + return false; + + numeric = numeric && (*p >= '0' && *p <= '9'); + p++; + } + + if (numeric) + return false; + + return true; +} + int getpeercred(int fd, struct ucred *ucred) { socklen_t n = sizeof(struct ucred); struct ucred u; diff --git a/src/basic/socket-util.h b/src/basic/socket-util.h index 160f7c484b..e9230e4a9f 100644 --- a/src/basic/socket-util.h +++ b/src/basic/socket-util.h @@ -123,6 +123,8 @@ int fd_inc_rcvbuf(int fd, size_t n); int ip_tos_to_string_alloc(int i, char **s); int ip_tos_from_string(const char *s); +bool ifname_valid(const char *p); + int getpeercred(int fd, struct ucred *ucred); int getpeersec(int fd, char **ret); |