Limit zone names to 14 bytes
authorJo-Philipp Wich <jow@openwrt.org>
Wed, 22 May 2013 14:09:59 +0000 (16:09 +0200)
committerJo-Philipp Wich <jow@openwrt.org>
Wed, 22 May 2013 14:12:46 +0000 (16:12 +0200)
zones.c
zones.h

diff --git a/zones.c b/zones.c
index 3d3812ccdf7845aee795233f7c58616024cd2691..4c17c6800cc3d8738038800b8fbd8f8d8f2421a5 100644 (file)
--- a/zones.c
+++ b/zones.c
@@ -189,6 +189,14 @@ fw3_load_zones(struct fw3_state *state, struct uci_package *p)
                        continue;
                }
 
+               if (strlen(zone->name) > FW3_ZONE_MAXNAMELEN)
+               {
+                       warn_elem(e, "must not have a name longer than %u characters",
+                                    FW3_ZONE_MAXNAMELEN);
+                       fw3_free_zone(zone);
+                       continue;
+               }
+
                if (list_empty(&zone->networks) && list_empty(&zone->devices) &&
                    list_empty(&zone->subnets) && !zone->extra_src)
                {
diff --git a/zones.h b/zones.h
index b78aa32ece58043e02db9c18fe4a1e94a1eaf9c4..dfae81c9d013efe9e306dc7c7dc6e67a076bb128 100644 (file)
--- a/zones.h
+++ b/zones.h
@@ -22,6 +22,9 @@
 #include "options.h"
 #include "iptables.h"
 
+/* 32 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0") */
+#define FW3_ZONE_MAXNAMELEN 14
+
 extern const struct fw3_option fw3_zone_opts[];
 
 struct fw3_zone * fw3_alloc_zone(void);