leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sandbox: eth-raw-os.c: Ensure that our interface name is not too long

Browse Source 
Coverity notes that we do not ensure when we copy ifname we still have
space left to ensure NULL termination.  As cannot control the size of
ifr_name we must make sure that our argument will not overflow the
buffer.

Reported-by: Coverity (CID 131094)
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Tom Rini 2015-12-07 22:26:34 -05:00 committed by Simon Glass
parent 66eaea6cd1
commit ab971e192a
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
arch/sandbox/cpu/eth-raw-os.c
View File

@ -76,6 +76,10 @@ static int _raw_packet_start(const char *ifname, unsigned char *ethmac,
printf("Failed to set promiscuous mode: %d %s\n"
"Falling back to the old \"flags\" way...\n",
errno, strerror(errno));
if (strlen(ifname) >= IFNAMSIZ) {
printf("Interface name %s is too long.\n", ifname);
return -EINVAL;
}
strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
if (ioctl(priv->sd, SIOCGIFFLAGS, &ifr) < 0) {
printf("Failed to read flags: %d %s\n", errno,