From 2680894816b49b9e55f0a42a420d0540892e9b61 Mon Sep 17 00:00:00 2001
From: Susant Sahani <susant@redhat.com>
Date: Tue, 28 Feb 2017 16:53:58 +0530
Subject: socket-util: introduce address_label_valid

---
 src/basic/socket-util.c | 20 ++++++++++++++++++++
 src/basic/socket-util.h |  1 +
 2 files changed, 21 insertions(+)

diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c
index 17e90a8994..e5847dce00 100644
--- a/src/basic/socket-util.c
+++ b/src/basic/socket-util.c
@@ -900,6 +900,26 @@ bool ifname_valid(const char *p) {
         return true;
 }
 
+bool address_label_valid(const char *p) {
+
+        if (isempty(p))
+                return false;
+
+        if (strlen(p) >= IFNAMSIZ)
+                return false;
+
+        while (*p) {
+                if ((uint8_t) *p >= 127U)
+                        return false;
+
+                if ((uint8_t) *p <= 31U)
+                        return false;
+                p++;
+        }
+
+        return true;
+}
+
 int getpeercred(int fd, struct ucred *ucred) {
         socklen_t n = sizeof(struct ucred);
         struct ucred u;
diff --git a/src/basic/socket-util.h b/src/basic/socket-util.h
index 3c42e220e5..73c3a339fc 100644
--- a/src/basic/socket-util.h
+++ b/src/basic/socket-util.h
@@ -126,6 +126,7 @@ int ip_tos_to_string_alloc(int i, char **s);
 int ip_tos_from_string(const char *s);
 
 bool ifname_valid(const char *p);
+bool address_label_valid(const char *p);
 
 int getpeercred(int fd, struct ucred *ucred);
 int getpeersec(int fd, char **ret);
-- 
cgit v1.2.3-54-g00ecf


From a87d19fe0a9fd1bc66663d3aefb55a10c2fd3af9 Mon Sep 17 00:00:00 2001
From: Susant Sahani <susant@redhat.com>
Date: Tue, 28 Feb 2017 16:54:33 +0530
Subject: networkd: use address_label_valid for label validation

---
 src/network/networkd-address.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index e34793e50b..2e6c763aba 100644
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -821,8 +821,8 @@ int config_parse_label(
         if (r < 0)
                 return r;
 
-        if (strlen(rvalue) >= IFNAMSIZ) {
-                log_syntax(unit, LOG_ERR, filename, line, 0, "Interface label is too long, ignoring assignment: %s", rvalue);
+        if (!address_label_valid(rvalue)) {
+                log_syntax(unit, LOG_ERR, filename, line, 0, "Interface label is too long or invalid, ignoring assignment: %s", rvalue);
                 return 0;
         }
 
-- 
cgit v1.2.3-54-g00ecf