[PATCH] bridge: vlan: reject reserved VLAN ID 4095

[PATCH] bridge: vlan: reject reserved VLAN ID 4095

[William Gonzalez]

The bridge vlan parser currently rejects VLAN IDs greater than or
equal to 4096, which still allows VLAN ID 4095. VLAN ID 4095 is
reserved and should not be accepted as a configurable VLAN ID.

Tighten userspace validation to accept only VLAN IDs in the range
1..4094.

Signed-off-by: William Gonzalez <gonzalez.williamalexander1@gmail.com>
---
 bridge/vlan.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bridge/vlan.c b/bridge/vlan.c
index 27d31ba8..09c01153 100644
--- a/bridge/vlan.c
+++ b/bridge/vlan.c
@@ -224,8 +224,8 @@ static int vlan_modify(int cmd, int argc, char **argv)
 		return -1;
 	}
 
-	if (vid >= 4096) {
-		fprintf(stderr, "Invalid VLAN ID \"%hu\"\n", vid);
+	if (vid < 1 || vid > 4094) {
+		fprintf(stderr, "Invalid VLAN ID \"%d\"\n", vid);
 		return -1;
 	}
 
-- 
2.39.3 (Apple Git-145)

Re: [PATCH] bridge: vlan: reject reserved VLAN ID 4095

[Stephen Hemminger]

On Sun, 10 May 2026 21:23:39 -0400
William Gonzalez <gonzalez.williamalexander1@gmail.com> wrote:

> The bridge vlan parser currently rejects VLAN IDs greater than or
> equal to 4096, which still allows VLAN ID 4095. VLAN ID 4095 is
> reserved and should not be accepted as a configurable VLAN ID.
> 
> Tighten userspace validation to accept only VLAN IDs in the range
> 1..4094.
> 
> Signed-off-by: William Gonzalez <gonzalez.williamalexander1@gmail.com>
> ---

Overall looks ok, but you missed the case of vlan range.

If you have chance get rid of the use of atoi() here since that
doesn't handle garbage input well. Instead using get_u16() from utils.c
here instead. Better yet make the get_vlan() a helper in utils.c
and even get_vlan_range() a helper. Other code does bad job of reading
vlans.