From 927e20fa4976c7b68c95814f3706cd4e89ac28c8 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 23 Aug 2023 12:13:44 +0900 Subject: nspawn: check validity of the internal interface name only explicitly specified Follow-up for 2f091b1b49543aade4aad9ec3b35b3665abac3e7. Fixes #28844. --- src/nspawn/nspawn-network.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) (limited to 'src/nspawn/nspawn-network.c') diff --git a/src/nspawn/nspawn-network.c b/src/nspawn/nspawn-network.c index 89b50026db..b83e472245 100644 --- a/src/nspawn/nspawn-network.c +++ b/src/nspawn/nspawn-network.c @@ -774,20 +774,22 @@ static int network_iface_pair_parse(const char* iftype, char ***l, const char *p return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "%s, interface name not valid: %s", iftype, a); - if (isempty(interface)) { - if (ifprefix) - b = strjoin(ifprefix, a); - else - b = strdup(a); - } else + /* Here, we only check the validity of the specified second name. If it is not specified, + * the copied or prefixed name should be already valid, except for its length. If it is too + * long, then it will be shortened later. */ + if (!isempty(interface)) { + if (!ifname_valid(interface)) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), + "%s, interface name not valid: %s", iftype, interface); + b = strdup(interface); + } else if (ifprefix) + b = strjoin(ifprefix, a); + else + b = strdup(a); if (!b) return log_oom(); - if (!ifname_valid(b)) - return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "%s, interface name not valid: %s", iftype, b); - r = strv_consume_pair(l, TAKE_PTR(a), TAKE_PTR(b)); if (r < 0) return log_oom(); -- cgit v1.2.3