The branch main has been updated by zlei: URL: https://cgit.FreeBSD.org/src/commit/?id=28b498e65ab40975ea12393498bacd6249b7204c
commit 28b498e65ab40975ea12393498bacd6249b7204c Author: Zhenlei Huang <[email protected]> AuthorDate: 2023-04-02 17:54:31 +0000 Commit: Zhenlei Huang <[email protected]> CommitDate: 2023-04-02 17:54:31 +0000 ifconfig: Improve VLAN identifier parsing VLAN identifier 0xFFF is reserved. It must not be configured or transmitted. Also validate during parsing to prevent potential integer overflow. Reviewed by: #network, melifaro Fixes: c7cffd65c5d85 Add support for stacked VLANs (IEEE 802.1ad, AKA Q-in-Q) MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D39282 --- sbin/ifconfig/ifvlan.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sbin/ifconfig/ifvlan.c b/sbin/ifconfig/ifvlan.c index 74d683ebb55a..53f2e68fa2fd 100644 --- a/sbin/ifconfig/ifvlan.c +++ b/sbin/ifconfig/ifvlan.c @@ -121,7 +121,7 @@ vlan_parse_ethervid(const char *name) { char ifname[IFNAMSIZ]; char *cp; - int vid; + unsigned int vid; strlcpy(ifname, name, IFNAMSIZ); if ((cp = strrchr(ifname, '.')) == NULL) @@ -134,9 +134,12 @@ vlan_parse_ethervid(const char *name) errx(1, "invalid vlan tag"); vid = *cp++ - '0'; - while ((*cp >= '0') && (*cp <= '9')) + while ((*cp >= '0') && (*cp <= '9')) { vid = (vid * 10) + (*cp++ - '0'); - if ((*cp != '\0') || (vid & ~0xFFF)) + if (vid >= 0xFFF) + errx(1, "invalid vlan tag"); + } + if (*cp != '\0') errx(1, "invalid vlan tag"); /*
