1
0
Fork 0
mirror of https://passt.top/passt synced 2025-06-08 08:35:35 +02:00

conf: More thorough error checking when parsing --mtu option

We're a bit sloppy with parsing MTU which can lead to some surprising,
though fairly harmless, results:
  * Passing a non-number like '-m xyz' will not give an error and act like
    -m 0
  * Junk after a number (e.g. '-m 1500pqr') will be ignored rather than
    giving an error
  * We parse the MTU as a long, then immediately assign to an int, so on
    some platforms certain ludicrously out of bounds values will be
    silently truncated, rather than giving an error

Be a bit more thorough with the error checking to avoid that.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
David Gibson 2025-02-19 14:14:27 +11:00 committed by Stefano Brivio
parent 65e317a8fc
commit 3dc7da68a2

23
conf.c
View file

@ -1652,20 +1652,29 @@ void conf(struct ctx *c, int argc, char **argv)
die("Invalid PID file: %s", optarg);
break;
case 'm':
errno = 0;
c->mtu = strtol(optarg, NULL, 0);
case 'm': {
unsigned long mtu;
char *e;
if (!c->mtu) {
errno = 0;
mtu = strtoul(optarg, &e, 0);
if (errno || *e)
die("Invalid MTU: %s", optarg);
if (!mtu) {
c->mtu = -1;
break;
}
if (c->mtu < ETH_MIN_MTU || c->mtu > (int)ETH_MAX_MTU ||
errno)
die("Invalid MTU: %s", optarg);
if (mtu < ETH_MIN_MTU || mtu > ETH_MAX_MTU) {
die("MTU %lu out of range (%u..%u)", mtu,
ETH_MIN_MTU, ETH_MAX_MTU);
}
c->mtu = mtu;
break;
}
case 'a':
if (inet_pton(AF_INET6, optarg, &c->ip6.addr) &&
!IN6_IS_ADDR_UNSPECIFIED(&c->ip6.addr) &&