From e5b56b96c45e6687948fd4d8bacc18ec213865ce Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <athena@invisiblethingslab.com>
Date: Thu, 17 Dec 2020 23:39:19 -0500
Subject: [PATCH] =?UTF-8?q?Don=E2=80=99t=20rely=20on=20an=20arbitrary=20le?=
 =?UTF-8?q?ngth=20limit?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We can check for overlong domids without hardcoding the length in a
regex.  Just check if the length is longer than that of the max XID.
---
 network/vif-route-qubes | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/network/vif-route-qubes b/network/vif-route-qubes
index 1c3a854..041cff2 100755
--- a/network/vif-route-qubes
+++ b/network/vif-route-qubes
@@ -97,7 +97,7 @@ readonly max_domid=32752
 # In fact, some test setups, including OpenQA, actually do this.  Therefore, we
 # now handle this case correctly, even though it is by definition a security
 # risk.
-if ! [[ $vif =~ ^vif(0|[1-9][0-9]{,4})\.(0|[1-9][0-9]*)$ ]]; then
+if ! [[ $vif =~ ^vif(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$ ]]; then
     printf 'Bad interface name %q\n' "$vif">&2
     exit 1
 fi
@@ -106,7 +106,8 @@ domid=${BASH_REMATCH[1]} sub=${BASH_REMATCH[2]}
 
 # metric must be positive, but prefer later interface
 #  32752 is max XID aka domid
-if (( domid > max_domid )); then
+#  the length check ensures there is no overflow
+if (( "${#domid}" > "${#max_domid}" || domid > max_domid )); then
     printf %s\\n "domid $domid too large"
     exit 1
 fi