On 2019/7/23 下午6:47, P J P wrote:
From: Prasad J Pandit <p...@fedoraproject.org> Hello, Linux net_deivce defines network interface name to be of IFNAMSIZE(=16) bytes, including the terminating null('\0') byte. Qemu tap deivce, while invoking 'qemu-bridge-helper' tool to set up the network bridge interface, supplies bridge name of 16 characters, thus allowing to create an ACL bypass scenario. This patch series attempts to fix it. It also updates bridge helper invocation routine 'net_bridge_run_helper' to avoid snprintf() calls. Thank you. -- Prasad J Pandit (3): qemu-bridge-helper: restrict interface name to IFNAMSIZ qemu-bridge-helper: move repeating code in parse_acl_file net: tap: replace snprintf with g_strdup_printf calls net/tap.c | 19 +++++++++++-------- qemu-bridge-helper.c | 24 +++++++++++++++++------- 2 files changed, 28 insertions(+), 15 deletions(-)
Applied. Thanks