diff options
-rw-r--r-- | src/basic/socket-util.c | 20 | ||||
-rw-r--r-- | src/basic/socket-util.h | 1 | ||||
-rw-r--r-- | src/network/networkd-address.c | 4 |
3 files changed, 23 insertions, 2 deletions
diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c index 17e90a8994..e5847dce00 100644 --- a/src/basic/socket-util.c +++ b/src/basic/socket-util.c @@ -900,6 +900,26 @@ bool ifname_valid(const char *p) { return true; } +bool address_label_valid(const char *p) { + + if (isempty(p)) + return false; + + if (strlen(p) >= IFNAMSIZ) + return false; + + while (*p) { + if ((uint8_t) *p >= 127U) + return false; + + if ((uint8_t) *p <= 31U) + return false; + p++; + } + + return true; +} + int getpeercred(int fd, struct ucred *ucred) { socklen_t n = sizeof(struct ucred); struct ucred u; diff --git a/src/basic/socket-util.h b/src/basic/socket-util.h index 3c42e220e5..73c3a339fc 100644 --- a/src/basic/socket-util.h +++ b/src/basic/socket-util.h @@ -126,6 +126,7 @@ int ip_tos_to_string_alloc(int i, char **s); int ip_tos_from_string(const char *s); bool ifname_valid(const char *p); +bool address_label_valid(const char *p); int getpeercred(int fd, struct ucred *ucred); int getpeersec(int fd, char **ret); diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c index e34793e50b..2e6c763aba 100644 --- a/src/network/networkd-address.c +++ b/src/network/networkd-address.c @@ -821,8 +821,8 @@ int config_parse_label( if (r < 0) return r; - if (strlen(rvalue) >= IFNAMSIZ) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Interface label is too long, ignoring assignment: %s", rvalue); + if (!address_label_valid(rvalue)) { + log_syntax(unit, LOG_ERR, filename, line, 0, "Interface label is too long or invalid, ignoring assignment: %s", rvalue); return 0; } |