From 5d8fad3dc13963fa19ca02913f8c4f12ab3321c1 Mon Sep 17 00:00:00 2001 From: Jakub Jankowski Date: Tue, 21 Nov 2017 03:22:27 +0100 Subject: rc.inet1: Avoid de-/configuring ifaces with indexes >=MAXNICS The code around MAXNICS currently only uses it to populate first $MAXNICS elements of IFNAME array, which is later used to match interface name to index used to access all other arrays. If you configure IPADDR[6], this code doesn't find a matching entry in IFNAME but doesn't do anything about it. This works by accident, because iteration variable "i" stays at "6" after exiting the loop. But when you configure IPADDR[7], it will still stay on "6", and will use ...[6] values to configure that interface, which is potentially damaging. Better safe than sorry: let's check for this overflow and do nothing, instead of potentially doing the wrong thing. Signed-off-by: Robby Workman --- rc.inet1 | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/rc.inet1 b/rc.inet1 index d6ccea6..a70430e 100644 --- a/rc.inet1 +++ b/rc.inet1 @@ -127,6 +127,14 @@ if_up() { [ "${IFNAME[$i]}" = "${1}" ] && break i=$(($i+1)) done + # If "i" is greater or equal to "MAXNICS" at this point, it means we didn't + # find an entry in IFNAME array corresponding to "$1", which likely means + # there are more interfaces configured than MAXNICS. Let's err on the + # side of caution and do nothing instead of possibly doing the wrong thing. + if [ $i -ge $MAXNICS ]; then + echo "/etc/rc.d/rc.inet1: skipping ${1}, you might need to increase MAXNICS" | $LOGGER + return + fi # If the interface is a bridge, then create it first: [ -n "${BRNICS[$i]}" ] && br_open $i # If the interface isn't in the kernel yet (but there's an alias for it in @@ -245,6 +253,10 @@ if_down() { [ "${IFNAME[$i]}" = "${1}" ] && break i=$(($i+1)) done + if [ $i -ge $MAXNICS ]; then + echo "/etc/rc.d/rc.inet1: skipping ${1}, you might need to increase MAXNICS" | $LOGGER + return + fi if grep $(echo ${1}: | cut -f 1 -d :): /proc/net/dev 1> /dev/null ; then if [ "${USE_DHCP[$i]}" = "yes" ]; then echo "/etc/rc.d/rc.inet1: /sbin/dhcpcd -k -d ${1}" | $LOGGER -- cgit v1.2.3