Skip to content

Commit

Permalink
ifconfig: Improve VLAN identifier parsing
Browse files Browse the repository at this point in the history
VLAN identifier 0xFFF is reserved. It must not be configured or
transmitted.

Also validate during parsing to prevent potential integer overflow.

Reviewed by:	#network, melifaro
Fixes:		c7cffd6 Add support for stacked VLANs (IEEE 802.1ad, AKA Q-in-Q)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D39282

(cherry picked from commit 28b498e)
  • Loading branch information
gmshake authored and fichtner committed May 9, 2023
1 parent b07ccd9 commit b7ad73d
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions sbin/ifconfig/ifvlan.c
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ vlan_parse_ethervid(const char *name)
{
char ifname[IFNAMSIZ];
char *cp;
int vid;
unsigned int vid;

strlcpy(ifname, name, IFNAMSIZ);
if ((cp = strrchr(ifname, '.')) == NULL)
Expand All @@ -134,9 +134,12 @@ vlan_parse_ethervid(const char *name)
errx(1, "invalid vlan tag");

vid = *cp++ - '0';
while ((*cp >= '0') && (*cp <= '9'))
while ((*cp >= '0') && (*cp <= '9')) {
vid = (vid * 10) + (*cp++ - '0');
if ((*cp != '\0') || (vid & ~0xFFF))
if (vid >= 0xFFF)
errx(1, "invalid vlan tag");
}
if (*cp != '\0')
errx(1, "invalid vlan tag");

/*
Expand Down

0 comments on commit b7ad73d

Please sign in to comment.