From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg0-f66.google.com ([74.125.83.66]:33308 "EHLO mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751667AbeCTPuJ (ORCPT ); Tue, 20 Mar 2018 11:50:09 -0400 Received: by mail-pg0-f66.google.com with SMTP id g12so778437pgs.0 for ; Tue, 20 Mar 2018 08:50:09 -0700 (PDT) Subject: Re: [PATCH iproute2 5/5] namespace: limit length of network namespace To: Stephen Hemminger , netdev@vger.kernel.org References: <20180319165638.30166-1-stephen@networkplumber.org> <20180319165638.30166-6-stephen@networkplumber.org> From: David Ahern Message-ID: <5f6f7a08-30dc-a780-8f32-a7414caeea0b@gmail.com> Date: Tue, 20 Mar 2018 09:50:05 -0600 MIME-Version: 1.0 In-Reply-To: <20180319165638.30166-6-stephen@networkplumber.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: netdev-owner@vger.kernel.org List-ID: On 3/19/18 10:56 AM, Stephen Hemminger wrote: > Avoid running into buffer overflows with excessively long network > namespace. Fixes Gcc-8 warning about possible snprintf truncation. > > Signed-off-by: Stephen Hemminger > --- > lib/namespace.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/lib/namespace.c b/lib/namespace.c > index 682634028587..ce5683a5f4e6 100644 > --- a/lib/namespace.c > +++ b/lib/namespace.c > @@ -18,7 +18,7 @@ > static void bind_etc(const char *name) > { > char etc_netns_path[PATH_MAX]; > - char netns_name[PATH_MAX]; > + char netns_name[2*PATH_MAX]; > char etc_name[PATH_MAX]; > struct dirent *entry; > DIR *dir; > @@ -52,6 +52,12 @@ int netns_switch(char *name) > unsigned long mountflags = 0; > struct statvfs fsstat; > > + if (strlen(name) >= NAME_MAX) { > + fprintf(stderr, "Network namespace name too long\"%s\"\n", > + name); > + return -1; > + } > + > snprintf(net_path, sizeof(net_path), "%s/%s", NETNS_RUN_DIR, name); > netns = open(net_path, O_RDONLY | O_CLOEXEC); > if (netns < 0) { > Since PATH_MAX is a Linux limit for file paths, why not ensure strlen(name) + strlen(NETNS_RUN_DIR) + 2 <= PATH_MAX