[libvirt] [PATCH 2/2] util: file: Don't carelessly sanitize URIs
Ján Tomko
jtomko at redhat.com
Wed Apr 8 11:17:49 UTC 2015
On Wed, Apr 08, 2015 at 11:21:59AM +0200, Peter Krempa wrote:
> rfc3986 states that the separator in URI path is a single slash.
> Multiple slashes may potentially lead to different resources and thus we
> should not remove them.
> ---
> src/util/virfile.c | 6 ++++++
> tests/virfiletest.c | 7 +++++++
> 2 files changed, 13 insertions(+)
>
> diff --git a/src/util/virfile.c b/src/util/virfile.c
> index c528a1c..87d121d 100644
> --- a/src/util/virfile.c
> +++ b/src/util/virfile.c
> @@ -2812,12 +2812,18 @@ char *
> virFileSanitizePath(const char *path)
> {
> const char *cur = path;
> + char *uri;
> char *cleanpath;
> int idx = 0;
>
> if (VIR_STRDUP(cleanpath, path) < 0)
> return NULL;
>
> + /* don't sanitize URIs - rfc3986 states that two slashes may lead to a
> + * different resource, thus removing them would possibly change the path */
> + if ((uri = strstr(path, "://")) && strchr(path, '/') > uri)
> + return cleanpath;
> +
It took me a while to understand this condition, but I don't know how to
write it more simply.
ACK to both.
Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150408/189688a6/attachment-0001.sig>
More information about the libvir-list
mailing list