From 1295b8ff0f61705610f25234b7b937a3b71c9a85 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Mon, 28 Oct 2002 19:16:44 +0000
Subject: Zero the trusted_interface buffer before starting parsing. Print a
 warning if a requested interface name is longer than IFNAMSIZ.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
---
 sys/security/mac_biba/mac_biba.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'sys/security/mac_biba')

diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 9292a73..5005843 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -1159,6 +1159,7 @@ mac_biba_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel)
 	    !strvalid(trusted_interfaces, sizeof(trusted_interfaces)))
 		goto set;
 
+	bzero(tiflist, sizeof(tiflist));
 	for (p = trusted_interfaces, q = tiflist; *p != '\0'; p++, q++)
 		if(*p != ' ' && *p != '\t')
 			*q = *p;
@@ -1175,6 +1176,11 @@ mac_biba_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel)
 					grade = MAC_BIBA_TYPE_HIGH;
 					break;
 				}
+			} else {
+				*p = '\0';
+				printf("mac_biba warning: interface name "
+				    "\"%s\" is too long (must be < %d)\n",
+				    q, IFNAMSIZ);
 			}
 			if (*p == '\0')
 				break;
-- 
cgit v1.1