From 5d8fad3dc13963fa19ca02913f8c4f12ab3321c1 Mon Sep 17 00:00:00 2001
From: Jakub Jankowski <shasta@toxcorp.com>
Date: Tue, 21 Nov 2017 03:22:27 +0100
Subject: rc.inet1: Avoid de-/configuring ifaces with indexes >=MAXNICS

The code around MAXNICS currently only uses it to populate
first $MAXNICS elements of IFNAME array, which is later
used to match interface name to index used to access all
other arrays.

If you configure IPADDR[6], this code doesn't find a matching
entry in IFNAME but doesn't do anything about it. This works
by accident, because iteration variable "i" stays at "6" after
exiting the loop.

But when you configure IPADDR[7], it will still stay on "6",
and will use ...[6] values to configure that interface, which
is potentially damaging.

Better safe than sorry: let's check for this overflow and do
nothing, instead of potentially doing the wrong thing.

Signed-off-by: Robby Workman <rworkman@slackware.com>
---
 rc.inet1 | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/rc.inet1 b/rc.inet1
index d6ccea6..a70430e 100644
--- a/rc.inet1
+++ b/rc.inet1
@@ -127,6 +127,14 @@ if_up() {
     [ "${IFNAME[$i]}" = "${1}" ] && break
     i=$(($i+1))
   done
+  # If "i" is greater or equal to "MAXNICS" at this point, it means we didn't
+  # find an entry in IFNAME array corresponding to "$1", which likely means
+  # there are more interfaces configured than MAXNICS. Let's err on the
+  # side of caution and do nothing instead of possibly doing the wrong thing.
+  if [ $i -ge $MAXNICS ]; then
+    echo "/etc/rc.d/rc.inet1:  skipping ${1}, you might need to increase MAXNICS" | $LOGGER
+    return
+  fi
   # If the interface is a bridge, then create it first:
   [ -n "${BRNICS[$i]}" ] && br_open $i
   # If the interface isn't in the kernel yet (but there's an alias for it in
@@ -245,6 +253,10 @@ if_down() {
     [ "${IFNAME[$i]}" = "${1}" ] && break
     i=$(($i+1))
   done
+  if [ $i -ge $MAXNICS ]; then
+    echo "/etc/rc.d/rc.inet1:  skipping ${1}, you might need to increase MAXNICS" | $LOGGER
+    return
+  fi
   if grep $(echo ${1}: | cut -f 1 -d :): /proc/net/dev 1> /dev/null ; then
     if [ "${USE_DHCP[$i]}" = "yes" ]; then
       echo "/etc/rc.d/rc.inet1:  /sbin/dhcpcd -k -d ${1}" | $LOGGER
-- 
cgit v1.2.3