Add check for length strict equality for uuid is valid

Signed-off-by: Alexander Pantyukhin <apantykhin@gmail.com>
---
 lib/test_uuid.c | 1 +
 lib/uuid.c      | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/lib/test_uuid.c b/lib/test_uuid.c
index cd819c397dc7..7a3d258fa695 100644
--- a/lib/test_uuid.c
+++ b/lib/test_uuid.c
@@ -37,6 +37,7 @@ static const char * const test_uuid_wrong_data[] = {
 	"c33f4995-3701-450e-9fbf206a2e98e576 ",	/* no hyphen(s) */
 	"64b4371c-77c1-48f9-8221-29f054XX023b",	/* invalid character(s) */
 	"0cb4ddff-a545-4401-9d06-688af53e",	/* not enough data */
+	"0cb4ddff-a545-4401-9d06-688af53e7f8412" /* too much data */
 };
 
 static unsigned total_tests __initdata;
diff --git a/lib/uuid.c b/lib/uuid.c
index e309b4c5be3d..ca10e2b4334b 100644
--- a/lib/uuid.c
+++ b/lib/uuid.c
@@ -89,6 +89,9 @@ bool uuid_is_valid(const char *uuid)
 {
 	unsigned int i;
 
+	if (strlen(uuid) != UUID_STRING_LEN)
+		return false;
+
 	for (i = 0; i < UUID_STRING_LEN; i++) {
 		if (i == 8 || i == 13 || i == 18 || i == 23) {
 			if (uuid[i] != '-')
-- 
2.25.1

On Sat, Jan 21, 2023 at 02:38:02AM +0500, Alexander Pantyukhin wrote:

Thank you for the patch.

> Add check for length strict equality for uuid is valid

UUID

Missing period at the end of sentence.

...

Why do you think it's a problem?

Have you checked all callers if they strictly using this API and not to parse
something like:

	UUID ...other data...\0

?

-- 
With Best Regards,
Andy Shevchenko