From ab971e192adcf0a501c8998542ab116512c0c260 Mon Sep 17 00:00:00 2001
From: Tom Rini <trini@konsulko.com>
Date: Mon, 7 Dec 2015 22:26:34 -0500
Subject: [PATCH] sandbox: eth-raw-os.c: Ensure that our interface name is not
 too long

Coverity notes that we do not ensure when we copy ifname we still have
space left to ensure NULL termination.  As cannot control the size of
ifr_name we must make sure that our argument will not overflow the
buffer.

Reported-by: Coverity (CID 131094)
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
 arch/sandbox/cpu/eth-raw-os.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/sandbox/cpu/eth-raw-os.c b/arch/sandbox/cpu/eth-raw-os.c
index b76a7319ae..528865f5d3 100644
--- a/arch/sandbox/cpu/eth-raw-os.c
+++ b/arch/sandbox/cpu/eth-raw-os.c
@@ -76,6 +76,10 @@ static int _raw_packet_start(const char *ifname, unsigned char *ethmac,
 		printf("Failed to set promiscuous mode: %d %s\n"
 		       "Falling back to the old \"flags\" way...\n",
 			errno, strerror(errno));
+		if (strlen(ifname) >= IFNAMSIZ) {
+			printf("Interface name %s is too long.\n", ifname);
+			return -EINVAL;
+		}
 		strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
 		if (ioctl(priv->sd, SIOCGIFFLAGS, &ifr) < 0) {
 			printf("Failed to read flags: %d %s\n", errno,
-- 
2.39.5