[PATCH] zones: fix max length of zone names

Matthias Schiffer mschiffer at universe-factory.net
Sat Sep 5 10:08:38 EDT 2020 

On 9/5/20 1:11 AM, David Bauer wrote:
> Hi Alexey,
> 
> On 9/4/20 10:32 PM, Alexey Dobrovolskiy wrote:
>> Hi,
>> please, see also
>> https://patchwork.ozlabs.org/project/openwrt/patch/20200830211009.3359-1-dobrovolskiy.alexey@gmail.com/
> 
> I was not aware of this patch. Will merge yours in the coming days.
> 
> Best wishes
> David


Maybe we could replace "postrouting" and similiar strings with abbreviated
versions?

Kind regards,
Matthias



> 
>>
>> Best regards,
>> Alexey
>>
>> пт, 4 сент. 2020 г. в 02:02, David Bauer <mail at david-bauer.net>:
>>>
>>> Previously the max length of a zone name was assuming the max
>>> length for a extension in netfilter is 32 bytes while in reality it is
>>> only 29.
>>>
>>> Fix this incorrect assumption to allow firewall3 to validate the zone
>>> name lengths correctly.
>>>
>>> Signed-off-by: David Bauer <mail at david-bauer.net>
>>> ---
>>>  zones.h | 8 ++++++--
>>>  1 file changed, 6 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/zones.h b/zones.h
>>> index d786736..beb0e22 100644
>>> --- a/zones.h
>>> +++ b/zones.h
>>> @@ -22,8 +22,12 @@
>>>  #include "options.h"
>>>  #include "iptables.h"
>>>
>>> -/* 32 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0") */
>>> -#define FW3_ZONE_MAXNAMELEN 14
>>> +/* XT_EXTENSION_MAXNAMELEN (29)
>>> + *  - sizeof("postrouting_")
>>> + *  - sizeof("_rule")
>>> + *  - sizeof("\0")
>>> + */
>>> +#define FW3_ZONE_MAXNAMELEN 11
>>>
>>>  extern const struct fw3_option fw3_zone_opts[];
>>>
>>> --
>>> 2.28.0
>>>
>>>
>>> _______________________________________________
>>> openwrt-devel mailing list
>>> openwrt-devel at lists.openwrt.org
>>> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20200905/446b6c71/attachment-0001.sig>

More information about the openwrt-devel mailing list