From: Tom Rini Date: Tue, 8 Dec 2015 03:26:34 +0000 (-0500) Subject: sandbox: eth-raw-os.c: Ensure that our interface name is not too long X-Git-Tag: v2025.01-rc5-pxa1908~10782^2 X-Git-Url: http://git.dujemihanovic.xyz/img/%7B%7B?a=commitdiff_plain;h=ab971e192adcf0a501c8998542ab116512c0c260;p=u-boot.git sandbox: eth-raw-os.c: Ensure that our interface name is not too long Coverity notes that we do not ensure when we copy ifname we still have space left to ensure NULL termination. As cannot control the size of ifr_name we must make sure that our argument will not overflow the buffer. Reported-by: Coverity (CID 131094) Cc: Simon Glass Signed-off-by: Tom Rini Reviewed-by: Simon Glass --- diff --git a/arch/sandbox/cpu/eth-raw-os.c b/arch/sandbox/cpu/eth-raw-os.c index b76a7319ae..528865f5d3 100644 --- a/arch/sandbox/cpu/eth-raw-os.c +++ b/arch/sandbox/cpu/eth-raw-os.c @@ -76,6 +76,10 @@ static int _raw_packet_start(const char *ifname, unsigned char *ethmac, printf("Failed to set promiscuous mode: %d %s\n" "Falling back to the old \"flags\" way...\n", errno, strerror(errno)); + if (strlen(ifname) >= IFNAMSIZ) { + printf("Interface name %s is too long.\n", ifname); + return -EINVAL; + } strncpy(ifr.ifr_name, ifname, IFNAMSIZ); if (ioctl(priv->sd, SIOCGIFFLAGS, &ifr) < 0) { printf("Failed to read flags: %d %s\n", errno,