[libvirt] [PATCH v2] Blank out invalid interface names with escaped letters etc.

[Stefan Berger]

Check that interface names only contain valid characters. Blank them out
otherwise.
Valid characters in this code are currently a-z,A-Z,0-9, '-' and '_'.

Signed-off-by: Stefan Berger <stefanb at us.ibm.com>

---
 src/conf/domain_conf.c |    9 ++++++++-
 src/conf/domain_conf.h |    3 +++
 2 files changed, 11 insertions(+), 1 deletion(-)

Index: libvirt-acl/src/conf/domain_conf.c
===================================================================
--- libvirt-acl.orig/src/conf/domain_conf.c
+++ libvirt-acl/src/conf/domain_conf.c
@@ -1776,6 +1776,11 @@ cleanup:
 }
 
 
+static bool
+isValidIfname(const char *ifname) {
+    return strspn(ifname, VALID_IFNAME_CHARS) == strlen(ifname);
+}
+
 
 /* Parse the XML definition for a network interface
  * @param node XML nodeset to parse for net definition
@@ -1859,8 +1864,10 @@ virDomainNetDefParseXML(virCapsPtr caps,
                        xmlStrEqual(cur->name, BAD_CAST "target")) {
                 ifname = virXMLPropString(cur, "dev");
                 if ((ifname != NULL) &&
-                    (STRPREFIX((const char*)ifname, "vnet"))) {
+                    ((STRPREFIX((const char*)ifname, "vnet")) ||
+                     (!isValidIfname(ifname)))) {
                     /* An auto-generated target name, blank it out */
+                    /* blank out invalid interface names */
                     VIR_FREE(ifname);
                 }
             } else if ((script == NULL) &&
Index: libvirt-acl/src/conf/domain_conf.h
===================================================================
--- libvirt-acl.orig/src/conf/domain_conf.h
+++ libvirt-acl/src/conf/domain_conf.h
@@ -297,6 +297,9 @@ struct _virDomainNetDef {
     virNWFilterHashTablePtr filterparams;
 };
 
+#define VALID_IFNAME_CHARS \
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_"
+
 enum virDomainChrTargetType {
     VIR_DOMAIN_CHR_TARGET_TYPE_NULL = 0,
     VIR_DOMAIN_CHR_TARGET_TYPE_MONITOR,