* @param[in] handle The VPN interface handle
* @param[in] routes_dest_vpn_addr Destination address of the routes, the list of allowing networks over VPN interface (e.g., VPN interface such as tun0, etc).
* @param[in] routes_vpn_prefix The prefix of VPN interface, netmask length (also called a prefix, e.g. 8, 16, 24, 32).
- * @param[in] num_allow_routes_vpn The number of allowing networks over VPN interface
+ * @param[in] num_allow_routes_vpn The number of allowing networks over VPN interface. Up to 255 addresses can be allowed.
* @param[in] routes_dest_orig_addr Destination address of the routes, the list of allowing networks over the original interface (e.g., original interface such as eth0, wlan0, etc).
* @param[in] routes_orig_prefix The prefix of Original interface, netmask length (also called a prefix, e.g. 8, 16, 24, 32).
- * @param[in] num_allow_routes_orig The number of allowing networks over the original interface
+ * @param[in] num_allow_routes_orig The number of allowing networks over the original interface. Up to 255addresses can be allowed.
* @return 0 on success. otherwise, a negative error value.
* @retval #VPNSVC_ERROR_NONE Success
* @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter
#define DBUS_REPLY_TIMEOUT (120 * 1000)
#define BUF_SIZE_FOR_ERR 100
+#define MAX_NUM_ROUTES 255
GVariant *op = NULL;
LOGE("handle is a NULL"); //LCOV_EXCL_LINE
return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
}
+
+ if (num_allow_routes_vpn > MAX_NUM_ROUTES || num_allow_routes_orig > MAX_NUM_ROUTES) {
+ LOGE("too many routes");
+ return VPNSVC_ERROR_INVALID_PARAMETER;
+ }
+
tun_s = (vpnsvc_tun_s*)handle;
LOGD("enter vpnsvc_block_networks");