ifconfig: Improve VLAN identifier parsing

VLAN identifier 0xFFF is reserved. It must not be configured or transmitted. Also validate during parsing to prevent potential integer overflow. Reviewed by: #network, melifaro Fixes: c7cffd65c5 Add support for stacked VLANs (IEEE 802.1ad, AKA Q-in-Q) MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D39282
2023-04-03 01:54:31 +08:00 · 2023-04-03 01:54:31 +08:00 · 28b498e65a
parent 5f3d0399e9
commit 28b498e65a
1 changed files with 6 additions and 3 deletions
--- a/sbin/ifconfig/ifvlan.c
+++ b/sbin/ifconfig/ifvlan.c
@ -121,7 +121,7 @@ vlan_parse_ethervid(const char *name)
 {
 	char ifname[IFNAMSIZ];
 	char *cp;
-	int vid;
+	unsigned int vid;

 	strlcpy(ifname, name, IFNAMSIZ);
 	if ((cp = strrchr(ifname, '.')) == NULL)
@ -134,9 +134,12 @@ vlan_parse_ethervid(const char *name)
 		errx(1, "invalid vlan tag");

 	vid = *cp++ - '0';
-	while ((*cp >= '0') && (*cp <= '9'))
+	while ((*cp >= '0') && (*cp <= '9')) {
 		vid = (vid * 10) + (*cp++ - '0');
-	if ((*cp != '\0') || (vid & ~0xFFF))
+		if (vid >= 0xFFF)
+			errx(1, "invalid vlan tag");
+	}
+	if (*cp != '\0')
 		errx(1, "invalid vlan tag");

 	/*