[libvirt] [PATCHv2 1/2] virDomainSaveXML: Reject domains which name contain '/'
John Ferlan
jferlan at redhat.com
Thu Feb 7 14:57:21 UTC 2013
On 02/07/2013 08:27 AM, Christophe Fergeau wrote:
> Similarly to 790f912b4 which rejects snapshots names containing,
> this commit changes virDomainSaveXML to reject domains with a '/'
> in their name. The domain name is used as a filename, so this
> leads to unexpected results when used in combination with '..'
> ---
> src/conf/domain_conf.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 85a798d..13f4bc0 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -14728,6 +14728,13 @@ int virDomainSaveXML(const char *configDir,
> char *configFile = NULL;
> int ret = -1;
>
> + if (strchr(def->name, '/')) {
> + virReportError(VIR_ERR_XML_DETAIL,
> + _("invalid domain name '%s': name can't contain '/'"),
> + def->name);
> + goto cleanup;
> + }
> +
> if ((configFile = virDomainConfigFile(configDir, def->name)) == NULL)
> goto cleanup;
>
>
Seems this should be in a more "general" location. Would the same rules apply to
other objects (networks, storage, etc.)? What other characters should be avoided?
Having a comma, semi-colon, colon, etc. could have interesting results. Perhaps
somewhat different rules for each, but using some sort of type of object enum
to weed out object specific rules (eg, VIR_IS_ type macros).
Perhaps someone who's been on the project a bit longer has a suggestion or two...
John
More information about the libvir-list
mailing list