[U-Boot] [PATCH 2/3] sandbox: eth-raw-os.c: Ensure that our interface name is not too long

Tom Rini Mon, 07 Dec 2015 19:27:06 -0800

Coverity notes that we do not ensure when we copy ifname we still have
space left to ensure NULL termination.  As cannot control the size of
ifr_name we must make sure that our argument will not overflow the
buffer.


Reported-by: Coverity (CID 131094)
Cc: Simon Glass <s...@chromium.org>
Signed-off-by: Tom Rini <tr...@konsulko.com>
---
 arch/sandbox/cpu/eth-raw-os.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/sandbox/cpu/eth-raw-os.c b/arch/sandbox/cpu/eth-raw-os.c
index b76a731..528865f 100644
--- a/arch/sandbox/cpu/eth-raw-os.c
+++ b/arch/sandbox/cpu/eth-raw-os.c
@@ -76,6 +76,10 @@ static int _raw_packet_start(const char *ifname, unsigned 
char *ethmac,
                printf("Failed to set promiscuous mode: %d %s\n"
                       "Falling back to the old \"flags\" way...\n",
                        errno, strerror(errno));
+               if (strlen(ifname) >= IFNAMSIZ) {
+                       printf("Interface name %s is too long.\n", ifname);
+                       return -EINVAL;
+               }
                strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
                if (ioctl(priv->sd, SIOCGIFFLAGS, &ifr) < 0) {
                        printf("Failed to read flags: %d %s\n", errno,
-- 
1.7.9.5

_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot

[U-Boot] [PATCH 2/3] sandbox: eth-raw-os.c: Ensure that our interface name is not too long

Reply via email to