[libvirt] [PATCH v5] network: bridge: Don't start network if it collides with host routing

[Jim Meyering]

Cole Robinson wrote:
> Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=235961
>
> If using the default virtual network, an easy way to lose guest network
> connectivity is to install libvirt inside the VM. The autostarted
> default network inside the guest collides with host virtual network
> routing. This is a long standing issue that has caused users quite a
> bit of pain and confusion.
>
> On network startup, parse /proc/net/route and compare the requested
> IP+netmask against host routing destinations: if any matches are found,
> refuse to start the network.
>
> v2: Drop sscanf, fix a comment typo, comment that function could use
>     libnl instead of /proc
>
> v3: Consider route netmask. Compare binary data rather than convert to
>     string.
>
> v4: Return to using sscanf, drop inet functions in favor of virSocket,
>     parsing safety checks. Don't make parse failures fatal, in case
>     expected format changes.
>
> v5: Try and continue if we receive unexpected. Delimit parsed lines to
>     prevent scanning past newline
...
> +    while (cur) {
> +        char iface[17], dest[128], mask[128];
> +        unsigned int addr_val, mask_val;
> +        int num;
> +
> +        /* NUL-terminate the line, so sscanf doesn't go beyond a newline.  */
> +        char *nl = strchr(cur, '\n');
> +        if (nl) {
> +            *nl++ = '\0';
> +        }
> +
> +        num = sscanf(cur, "%16s %127s %*s %*s %*s %*s %*s %127s",
> +                     iface, dest, mask);
> +        cur = nl;

Glad you incremented nl above and hoisted the "cur" update to here.

ACK.

> +        if (num != 3) {
> +            VIR_DEBUG("Failed to parse %s", PROC_NET_ROUTE);
> +            continue;
> +        }