From: Matteo Croce
> Sent: 25 July 2017 14:31
> ip netns accepts invalid input as namespace name like an empty string or a
> string longer than the maximum file name length.
> Check that the netns name is not empty and less than or equal to NAME_MAX.
>
> Signed-off-by: Matteo Croce <[email protected]>
> ---
> ip/ipnetns.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/ip/ipnetns.c b/ip/ipnetns.c
> index 42549944..198e9de8 100644
> --- a/ip/ipnetns.c
> +++ b/ip/ipnetns.c
> @@ -768,7 +768,8 @@ static int netns_monitor(int argc, char **argv)
>
> static int invalid_name(const char *name)
> {
> - return strchr(name, '/') || !strcmp(name, ".") || !strcmp(name, "..");
> + return !*name || strlen(name) > NAME_MAX ||
> + strchr(name, '/') || !strcmp(name, ".") || !strcmp(name, "..");
Think I'd check:
!name[0] || !memchr(name, 0, NAME_MAX) || strchr(name, '/') ||
(name[0] == '.' && (!name[1] || (name[1] == '.' && !name[2])))
David
