[PATCH net 6/6] vti6: better validate user provided tunnel names

Eric Dumazet Thu, 05 Apr 2018 06:40:13 -0700

Use valid_name() to make sure user does not provide illegal
device name.

Fixes: ed1efb2aefbb ("ipv6: Add support for IPsec virtual tunnel interfaces")
Signed-off-by: Eric Dumazet <[email protected]>
Cc: Steffen Klassert <[email protected]>
---
 net/ipv6/ip6_vti.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)


diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c
index 
6ebb2e8777f42054ca5ee8338aa560f5501d8262..c214ffec02f06f6dccfb9769fc8640e5e56da618
 100644
--- a/net/ipv6/ip6_vti.c
+++ b/net/ipv6/ip6_vti.c
@@ -212,10 +212,13 @@ static struct ip6_tnl *vti6_tnl_create(struct net *net, 
struct __ip6_tnl_parm *p
        char name[IFNAMSIZ];
        int err;
 
-       if (p->name[0])
+       if (p->name[0]) {
+               if (!dev_valid_name(p->name))
+                       goto failed;
                strlcpy(name, p->name, IFNAMSIZ);
-       else
+       } else {
                sprintf(name, "ip6_vti%%d");
+       }
 
        dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup);
        if (!dev)
-- 
2.17.0.484.g0c8726318c-goog

[PATCH net 6/6] vti6: better validate user provided tunnel names

Reply via email to