mac_pton: Don't access memory over expected length

The strlen() may go too far when estimating the length of the given string. In some cases it may go over the boundary and crash the system which is the case according to the commit 13a55372 ("ARM: orion5x: Revert commit 4904dbda."). Rectify this by switching to strnlen() for the expected maximum length of the string. Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Link: https://lore.kernel.org/r/20221108141108.62974-1-andriy.shevchenko@linux.intel.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>

mac_pton: Don't access memory over expected length
The strlen() may go too far when estimating the length of the given string. In some cases it may go over the boundary and crash the system which is the case according to the commit 13a55372 ("ARM: orion5x: Revert commit 4904dbda."). Rectify this by switching to strnlen() for the expected maximum length of the string. Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Link: https://lore.kernel.org/r/20221108141108.62974-1-andriy.shevchenko@linux.intel.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
21780f89 · Andy Shevchenko · Jakub Kicinski · 13bd8558 · 21780f89
Commit 21780f89 authored Nov 08, 2022 by Andy Shevchenko Committed by Jakub Kicinski Nov 09, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

lib/net_utils.c lib/net_utils.c +2 -1

No files found.
--- a/lib/net_utils.c
+++ b/lib/net_utils.c
@@ -6,10 +6,11 @@

 bool mac_pton(const char *s, u8 *mac)
 {
+	size_t maxlen = 3 * ETH_ALEN - 1;
 	int i;

 	/* XX:XX:XX:XX:XX:XX */
-	if (strlen(s) < 3 * ETH_ALEN - 1)
+	if (strnlen(s, maxlen) < maxlen)
 		return false;

 	/* Don't dirty result unless string is valid MAC. */