From c3a5b984f6cec4014c1120ee900a53b452eb9e32 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich
Date: Wed, 22 May 2013 16:09:59 +0200
Subject: [PATCH 1/1] Limit zone names to 14 bytes
---
 zones.c | 8 ++++++++
 zones.h | 3 +++
 2 files changed, 11 insertions(+)
diff --git a/zones.c b/zones.c
index 3d3812c..4c17c68 100644
--- a/zones.c
+++ b/zones.c
@@ -189,6 +189,14 @@ fw3_load_zones(struct fw3_state *state, struct uci_package *p)
 continue;
 }
+ if (strlen(zone->name) > FW3_ZONE_MAXNAMELEN)
+ {
+ warn_elem(e, "must not have a name longer than %u characters",
+ FW3_ZONE_MAXNAMELEN);
+ fw3_free_zone(zone);
+ continue;
+ }
+
 if (list_empty(&zone->networks) && list_empty(&zone->devices) && list_empty(&zone->subnets) && !zone->extra_src)
 {
diff --git a/zones.h b/zones.h
index b78aa32..dfae81c 100644
--- a/zones.h
+++ b/zones.h
@@ -22,6 +22,9 @@
 #include "options.h"
 #include "iptables.h"
+/* 32 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0") */
+#define FW3_ZONE_MAXNAMELEN 14
+
 extern const struct fw3_option fw3_zone_opts[];
 struct fw3_zone * fw3_alloc_zone(void);
-- 
2.11.0
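Review bot: The warning in the added length check prints `FW3_ZONE_MAXNAMELEN` with `%u`, but the macro expands to the plain `int` constant 14; using `%d`, or defining the macro as `14u`, keeps the format and argument types matched. `strlen()` counts bytes, as the commit title says, so the message would be more accurate as `"must not have a name longer than %d bytes"`. The check also relies on `zone->name` being non-NULL, which is presumably guaranteed by the branch that ends just above the hunk. fw3_load_zones starts and ends outside the hunk, so that cannot be confirmed from here.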
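Review bot: The derivation comment above `FW3_ZONE_MAXNAMELEN` does not evaluate to 14 as written: in C `sizeof("postrouting_")` is 13, `sizeof("_rule")` is 6 and `sizeof("\0")` is 2, so the expression yields 11. The value 14 matches the same formula with string lengths, so I would write `/* 32 - strlen("postrouting_") - strlen("_rule") - 1 (NUL) */`. The comment should also say where the 32 comes from, presumably the size of the chain-name buffer. It is worth confirming that the iptables tooling does not enforce a shorter chain name than that buffer allows, because a zone name that passes this check but yields a chain name rejected later would likely leave that zone's rules unloaded.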