From 850d36efb2ae248d4c7415508dac8f62dcc93a7b Mon Sep 17 00:00:00 2001 From: David Gwynne Date: Mon, 12 Nov 2018 06:35:38 +0000 Subject: limit the number of interface units to the number of device minors this prevents creation of tap and tun devices that you cannot open from userland because of the limit on the number of dev_t minor numbers. the lack of limit was pointed out by Greg Steuck ok deraadt@ guenther@ --- sys/net/if_tun.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'sys') diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index 33f97655d53..e08bb61a52d 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_tun.c,v 1.181 2018/02/24 07:20:04 dlg Exp $ */ +/* $OpenBSD: if_tun.c,v 1.182 2018/11/12 06:35:37 dlg Exp $ */ /* $NetBSD: if_tun.c,v 1.24 1996/05/07 02:40:48 thorpej Exp $ */ /* @@ -193,6 +193,9 @@ tun_create(struct if_clone *ifc, int unit, int flags) struct tun_softc *tp; struct ifnet *ifp; + if (unit > minor(~0U)) + return (ENXIO); + tp = malloc(sizeof(*tp), M_DEVBUF, M_WAITOK|M_ZERO); tp->tun_unit = unit; tp->tun_flags = TUN_INITED|TUN_STAYUP; -- cgit v1.2.3