diff options
author | Pavel Emelyanov <xemul@openvz.org> | 2008-02-26 23:51:04 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-02-26 23:51:04 -0800 |
commit | b37d428b24ad38034f56b614de05686ba151b614 (patch) | |
tree | dfa41745c88edb80a47c246d13a899ee06a7510f /net/ipv6/sit.c | |
parent | d9595a7b9c777d45a74774f1428c263a0a47f4c0 (diff) |
[INET]: Don't create tunnels with '%' in name.
Four tunnel drivers (ip_gre, ipip, ip6_tunnel and sit) can receive a
pre-defined name for a device from the userspace. Since these drivers
call the register_netdevice() (rtnl_lock, is held), which does _not_
generate the device's name, this name may contain a '%' character.
Not sure how bad is this to have a device with a '%' in its name, but
all the other places either use the register_netdev(), which call the
dev_alloc_name(), or explicitly call the dev_alloc_name() before
registering, i.e. do not allow for such names.
This had to be prior to the commit 34cc7b, but I forgot to number the
patches and this one got lost, sorry.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/sit.c')
-rw-r--r-- | net/ipv6/sit.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c index dde7801abef..1656c003b98 100644 --- a/net/ipv6/sit.c +++ b/net/ipv6/sit.c @@ -171,6 +171,11 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int if (dev == NULL) return NULL; + if (strchr(name, '%')) { + if (dev_alloc_name(dev, name) < 0) + goto failed_free; + } + nt = netdev_priv(dev); dev->init = ipip6_tunnel_init; nt->parms = *parms; @@ -178,16 +183,16 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int if (parms->i_flags & SIT_ISATAP) dev->priv_flags |= IFF_ISATAP; - if (register_netdevice(dev) < 0) { - free_netdev(dev); - goto failed; - } + if (register_netdevice(dev) < 0) + goto failed_free; dev_hold(dev); ipip6_tunnel_link(nt); return nt; +failed_free: + free_netdev(dev); failed: return NULL; } |