[libvirt] [PATCH v3 11/14] Core driver implementation with ebtables support

Thu Mar 25 17:05:52 UTC 2010

On Thu, Mar 25, 2010 at 12:44:42PM -0400, Stefan Berger wrote:
> "Daniel P. Berrange" <berrange at redhat.com> wrote on 03/25/2010 12:40:15 
> PM:
> 
> 
> > Please respond to "Daniel P. Berrange"
> > 
> > On Thu, Mar 25, 2010 at 12:26:34PM -0400, Stefan Berger wrote:
> > > libvir-list-bounces at redhat.com wrote on 03/25/2010 11:59:11 AM:
> > > 
> > > 
> > > > "Daniel P. Berrange" <berrange at redhat.com> wrote on 03/25/2010 
> 11:49:05 
> > > AM:
> > > > 
> > > > > Please respond to "Daniel P. Berrange" 
> > > > > 
> > > > > On Tue, Mar 23, 2010 at 10:54:17AM -0400, stefanb at us.ibm.com 
> wrote:
> > > > > > +/*
> > > > > > +    char macaddr[VIR_MAC_STRING_BUFLEN],
> > > > > > +         ipaddr[INET_ADDRSTRLEN],
> > > > > > +         number[20];
> > > > > > +    char chain[MAX_CHAINNAME_LENGTH];
> > > > > > +    virBuffer buf = VIR_BUFFER_INITIALIZER;
> > > > > > +
> > > > > > +    if (nwfilter->chainsuffix == VIR_NWFILTER_CHAINSUFFIX_ROOT)
> > > > > > +        PRINT_ROOT_CHAIN(chain, chainPrefix, ifname);
> > > > > > +    else
> > > > > > +        PRINT_CHAIN(chain, chainPrefix, ifname,
> > > > > > +                    virNWFilterChainSuffixTypeToString
> > > > > (nwfilter->chainsuffix));
> > > > > 
> > > > > Since we're passing this into the shell, I think we should do 
> paranoid
> > > > > validation on the 'chain' and 'ifname' fields, since they 
> ultimately 
> > > come
> > > > > from the user specified XML. Validate that it only contains a-Z, 
> 0-0, 
> > > -, _ 
> > > > 
> > > > Actually the user specified XML only currently allows the chain 
> names 
> > > 'arp', 
> > > > 'ipv4', 'ipv6' and 'root'. Others will already be rejected when 
> > > > parsing the filter. 
> > > > 
> > > 
> > > Actually, yes, there's a problem with target device names like t\"t 
> that 
> > > do create an
> > > interface named t\"t but end up creating an ebtables entry with 
> interface 
> > > t"t. So 
> > > if I don't go through bash it works correctly, otherwise it does not 
> and I 
> > > guess I
> > > would need to escape the '\' with '\\\'.
> > 
> > Such interface names are insane & we should just refuse them, rather 
> than
> > trying todo escaping :-)
> 
> Right, but at what level should they be refused? When such names are 
> parsed ?

We should likely refuse it in the src/conf/domain_conf.c parser


Daniel
-- 
|: Red Hat, Engineering, London    -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org        -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|