[libvirt] [PATCH] Ignore bridge template names with multiple printf conversions

Ján Tomko jtomko at redhat.com
Tue May 5 07:34:15 UTC 2015 

On Thu, Apr 30, 2015 at 08:21:34AM -0600, Eric Blake wrote:
> On 04/30/2015 06:28 AM, Ján Tomko wrote:
> > For some reason, we allow a bridge name with %d in it, which we replace
> > with an unsigned integer to form a bridge name that does not yet exist
> > on the host.
> > 
> > Do not blindly pass it to virAsprintf if it's not the only conversion,
> > to prevent crashing on input like:
> > 
> > <network>
> >   <name>test</name>
> >   <forward mode='none'/>
> >   <bridge name='virbr%d%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s'/>
> > </network>
> > 
> > Ignore any template strings that do not have exactly one %d conversion,
> > like we do in various drivers before calling virNetDevTapCreateInBridgePort.
> > ---
> 
> > +    if (def->bridge &&
> > +        (p = strchr(def->bridge, '%')) == strrchr(def->bridge, '%') &&
> > +        strstr(def->bridge, "%d"))
> 
> Shorter:
> 
> if (def->bridge &&
>     strstr(def->bridge, "%d") == strrchr(def->bridge, '%'))
> 

This only checks if there are no '%' characters after the first "%d",
it would still let "br%s%d" through.

> > @@ -2809,7 +2815,7 @@ networkFindUnusedBridgeName(virNetworkObjListPtr nets,
> >  
> >  /*
> >   * networkValidateBridgeName() - if no bridge name is set, or if the
> > - * bridge name contains a %d (indicating that this is a template for
> > + * bridge name contains a % (indicating that this is a template for
> 
> No need to change this comment any more.
> 
> >   * the actual name) try to set an appropriate bridge name.  If a
> >   * bridge name *is* set, make sure it doesn't conflict with any other
> >   * network's bridge name.
> > @@ -2820,7 +2826,7 @@ networkBridgeNameValidate(virNetworkObjListPtr nets,
> >  {
> >      int ret = -1;
> >  
> > -    if (def->bridge && !strstr(def->bridge, "%d")) {
> > +    if (def->bridge && !strchr(def->bridge, '%')) {
> 
> I'm also not sure we need to change this.
> 

Right, this is only used with STREQ.

Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150505/33156787/attachment-0001.sig>

More information about the libvir-list mailing list