Merge pull request FRRouting#20311 from mjstapp/fix_staticd_config_keywords

Jafaral · web-flow · commit d387c53335ed · 2026-02-18T10:28:34.000-06:00
staticd: in route config, reject keywords as ifname
diff --git a/doc/user/static.rst b/doc/user/static.rst
@@ -50,7 +50,9 @@ a static prefix and gateway, with several possible forms.
    v6 routes only support v6 next-hops.
 
    IFNAME is the name of the interface to use as next-hop. If only IFNAME is specified
-   (without GATEWAY), a connected route will be created.
+   (without GATEWAY), a connected route will be created. Note that
+   some of the other keywords are not valid interface names: ``vrf``,
+   ``table``, ``label``, ``tag``, ``color``, ``segments``, and ``nexthop-vrf``.
 
    When both IFNAME and GATEWAY are specified together, it binds the route to the specified
    interface. In this case, it is also possible to specify ``onlink`` to force the kernel
@@ -289,4 +291,4 @@ SRv6 Static SIDs Commands
       sid    fcbb:bbbb:1:fe03::/64 locator LOC1 behavior uDT46 vrf Vrf2
       sid    fcbb:bbbb:1:fe04::/64 locator LOC1 behavior uA interface eth0 nexthop 2001::2
        !
-   ...
+   ...
diff --git a/staticd/static_vty.c b/staticd/static_vty.c
@@ -68,6 +68,28 @@ struct static_route_args {
 	const char *srv6_encap_behavior;
 };
 
+/* Reject invalid keywords interpreted as interface names */
+static bool staticd_ifname_invalid(const char *ifname)
+{
+	const char *const *cp;
+	static const char *const invalid_names[] = {
+		"tag",
+		"vrf",
+		"label",
+		"color",
+		"table",
+		"segments",
+		"nexthop-vrf",
+		NULL /*End sentinel*/
+	};
+
+	for (cp = invalid_names; cp != NULL && *cp != NULL; cp++)
+		if (strmatch(*cp, ifname))
+			return true;
+
+	return false;
+}
+
 static int static_route_nb_run(struct vty *vty, struct static_route_args *args)
 {
 	int ret;
@@ -116,10 +138,17 @@ static int static_route_nb_run(struct vty *vty, struct static_route_args *args)
 	if (args->nexthop_vrf == NULL)
 		args->nexthop_vrf = args->vrf;
 
-	if (args->interface_name &&
-	    !strcasecmp(args->interface_name, "Null0")) {
-		args->flag = "Null0";
-		args->interface_name = NULL;
+	/* Interface token validation */
+	if (args->interface_name) {
+		if (strcasecmp(args->interface_name, "Null0") == 0) {
+			args->flag = "Null0";
+			args->interface_name = NULL;
+		} else if (staticd_ifname_invalid(args->interface_name)) {
+			/* Check for prohibited keywords as ifname */
+			vty_out(vty, "%% Invalid interface name %s\n",
+				args->interface_name);
+			return CMD_WARNING_CONFIG_FAILED;
+		}
 	}
 
 	assert(!!str2prefix(args->prefix, &p));
