| Message ID | 20190715180430.19902-1-mcroce@redhat.com |
|---|---|
| State | Accepted |
| Delegated to: | stephen hemminger |
| Headers | show |
| Series | [iproute2,v2] utils: don't match empty strings as prefixes | expand |
On Mon, 15 Jul 2019 20:04:30 +0200 Matteo Croce <mcroce@redhat.com> wrote: > iproute has an utility function which checks if a string is a prefix for > another one, to allow use of abbreviated commands, e.g. 'addr' or 'a' > instead of 'address'. > > This routine unfortunately considers an empty string as prefix > of any pattern, leading to undefined behaviour when an empty > argument is passed to ip: > > # ip '' > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever > > # tc '' > qdisc noqueue 0: dev lo root refcnt 2 > > # ip address add 192.0.2.0/24 '' 198.51.100.1 dev dummy0 > # ip addr show dev dummy0 > 6: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000 > link/ether 02:9d:5e:e9:3f:c0 brd ff:ff:ff:ff:ff:ff > inet 192.0.2.0/24 brd 198.51.100.1 scope global dummy0 > valid_lft forever preferred_lft forever > > Rewrite matches() so it takes care of an empty input, and doesn't > scan the input strings three times: the actual implementation > does 2 strlen and a memcpy to accomplish the same task. > > Signed-off-by: Matteo Croce <mcroce@redhat.com> Thanks for following up. Applied
diff --git a/include/utils.h b/include/utils.h index 1d9c1127..794d3605 100644 --- a/include/utils.h +++ b/include/utils.h @@ -198,7 +198,7 @@ int nodev(const char *dev); int check_ifname(const char *); int get_ifname(char *, const char *); const char *get_ifname_rta(int ifindex, const struct rtattr *rta); -int matches(const char *arg, const char *pattern); +bool matches(const char *prefix, const char *string); int inet_addr_match(const inet_prefix *a, const inet_prefix *b, int bits); int inet_addr_match_rta(const inet_prefix *m, const struct rtattr *rta); diff --git a/lib/utils.c b/lib/utils.c index 5da9a478..9ea21fa1 100644 --- a/lib/utils.c +++ b/lib/utils.c @@ -871,13 +871,18 @@ const char *get_ifname_rta(int ifindex, const struct rtattr *rta) return name; } -int matches(const char *cmd, const char *pattern) +/* Returns false if 'prefix' is a not empty prefix of 'string'. + */ +bool matches(const char *prefix, const char *string) { - int len = strlen(cmd); + if (!*prefix) + return true; + while (*string && *prefix == *string) { + prefix++; + string++; + } - if (len > strlen(pattern)) - return -1; - return memcmp(pattern, cmd, len); + return !!*prefix; } int inet_addr_match(const inet_prefix *a, const inet_prefix *b, int bits)
iproute has an utility function which checks if a string is a prefix for another one, to allow use of abbreviated commands, e.g. 'addr' or 'a' instead of 'address'. This routine unfortunately considers an empty string as prefix of any pattern, leading to undefined behaviour when an empty argument is passed to ip: # ip '' 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever # tc '' qdisc noqueue 0: dev lo root refcnt 2 # ip address add 192.0.2.0/24 '' 198.51.100.1 dev dummy0 # ip addr show dev dummy0 6: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 02:9d:5e:e9:3f:c0 brd ff:ff:ff:ff:ff:ff inet 192.0.2.0/24 brd 198.51.100.1 scope global dummy0 valid_lft forever preferred_lft forever Rewrite matches() so it takes care of an empty input, and doesn't scan the input strings three times: the actual implementation does 2 strlen and a memcpy to accomplish the same task. Signed-off-by: Matteo Croce <mcroce@redhat.com> --- include/utils.h | 2 +- lib/utils.c | 15 ++++++++++----- 2 files changed, 11 insertions(+), 6 deletions(-)