[Libguestfs] [PATCH nbdkit v2 2/6] main: Tighten up characters permitted in config keys.

[Eric Blake]

On 09/08/2018 03:15 AM, Richard W.M. Jones wrote:
> Previously key=value on the command line allowed the key to be pretty
> much anything that didn't contain an '=' character.  Even empty
> strings were permitted.
> 
> This tightens up the permitted keys so they must contain only ASCII
> alphanumeric, period, underscore or dash characters, and must not be
> an empty string.

Do we want to further restrict things to start with a letter or 
underscore (and not a dot, digit, or dash)?

> ---
>   docs/nbdkit-plugin.pod | 18 ++++++++++--------
>   src/main.c             | 32 +++++++++++++++++++++++++++++++-
>   2 files changed, 41 insertions(+), 9 deletions(-)
> 

> +static int
> +is_config_key (const char *key, size_t len)
> +{
> +  const char allowed[] =
> +    "abcdefghijklmnopqrstuvwxyz"
> +    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
> +    "0123456789"
> +    "._-";
> +  size_t i;
> +
> +  if (key[0] == '\0')
> +    return 0;
> +
> +  for (i = 0; i < len; ++i) {
> +    if (strchr (allowed, key[i]) == NULL)

Why not use strspn and checking against the length, instead of rolling 
an O(n^2) algorithm yourself?  The libc version might have optimizations 
to run faster, although the speed of this loop is probably in the noise.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org