All current pif names are quite short, and we expect them to remain short
when/if we allow arbitrary pifs. However, because of the structure of
the current code we don't enforce any limit on the length.
This will become more important with dynamic configuration updates, so
start enforcing a length limit. Specifically we allow pif names to be up
to 128 bytes (PIF_NAME_SIZE), including the terminating \0. This is
more or less arbitrary, but seems like it should be comfortably enough for
all the cases we have in mind.
Signed-off-by: David Gibson
---
pif.c | 2 +-
pif.h | 5 ++++-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/pif.c b/pif.c
index 1e807247..d5e31613 100644
--- a/pif.c
+++ b/pif.c
@@ -17,7 +17,7 @@
#include "inany.h"
#include "epoll_ctl.h"
-const char *pif_type_str[] = {
+const char pif_type_str[][PIF_NAME_SIZE] = {
[PIF_NONE] = "<none>",
[PIF_HOST] = "HOST",
[PIF_TAP] = "TAP",
diff --git a/pif.h b/pif.h
index 7bb58e5c..90dd3a32 100644
--- a/pif.h
+++ b/pif.h
@@ -35,7 +35,9 @@ enum pif_type {
PIF_NUM_TYPES,
};
-extern const char *pif_type_str[];
+/* Maxmimum size of a pif name, including \0 */
+#define PIF_NAME_SIZE (128)
+extern const char pif_type_str[][PIF_NAME_SIZE];
static inline const char *pif_type(enum pif_type pt)
{
@@ -43,6 +45,7 @@ static inline const char *pif_type(enum pif_type pt)
return pif_type_str[pt];
else
return "?";
+ static_assert(sizeof("?") <= PIF_NAME_SIZE);
}
static inline const char *pif_name(uint8_t pif)
--
2.53.0