a _lot_ of searching revealed this code fragment:
/*
* Verify the string as this thing may have come from
* the user. There must be one "%d" and no other "%"
* characters.
*/
p = strchr(name, '%');
if (!p || p[1] != 'd' || strchr(p+2, '%'))
return -EINVAL;
Well, obviously my devicename _do_ come "from the user", as I really like
to name my tun devices (and everything else). The problem is that vtund
passes in "tun2" as devicename, which does not contain a "%d".
Maybe this piece of code is designed to fix security problems, but it
keeps vtund from working properly.
How about this change?
- if (!p || p[1] != 'd' || strchr(p+2, '%'))
+ if (p && (p[1] != 'd' || strchr(p+2, '%')))
--
-----==- |
----==-- _ |
---==---(_)__ __ ____ __ Marc Lehmann +--
--==---/ / _ \/ // /\ \/ / pcg@goof.com |e|
-=====/_/_//_/\_,_/ /_/\_\ XX11-RIPE --+
The choice of a GNU generation |
|
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/