[libvirt] [PATCHv2] Ignore bridge template names with multiple printf conversions

Ján Tomko jtomko at redhat.com
Tue May 5 16:26:17 UTC 2015 

On Tue, May 05, 2015 at 10:14:18AM -0600, Eric Blake wrote:
> On 05/05/2015 10:05 AM, Ján Tomko wrote:
> > For some reason, we allow a bridge name with %d in it, which we replace
> > with an unsigned integer to form a bridge name that does not yet exist
> > on the host.
> > 
> > Do not blindly pass it to virAsprintf if it's not the only conversion,
> > to prevent crashing on input like:
> > 
> > <network>
> >   <name>test</name>
> >   <forward mode='none'/>
> >   <bridge name='virbr%d%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s'/>
> > </network>
> > 
> > Ignore any template strings that do not have exactly one %d conversion,
> > like we do in various drivers before calling virNetDevTapCreateInBridgePort.
> > ---
> > v2: drop the unnecessary changes in networkBridgeNameValidate
> > 
> >  src/network/bridge_driver.c | 8 +++++++-
> >  1 file changed, 7 insertions(+), 1 deletion(-)
> > 
> > diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
> > index 3b879cd..fe2448d 100644
> > --- a/src/network/bridge_driver.c
> > +++ b/src/network/bridge_driver.c
> > @@ -2775,7 +2775,13 @@ networkFindUnusedBridgeName(virNetworkObjListPtr nets,
> >  
> >      int ret = -1, id = 0;
> >      char *newname = NULL;
> > -    const char *templ = def->bridge ? def->bridge : "virbr%d";
> > +    const char *templ = "virbr%d";
> > +    const char *p;
> 
> Unused variable.
> 
> > +
> > +    if (def->bridge &&
> > +        (p = strchr(def->bridge, '%')) == strrchr(def->bridge, '%') &&
> > +        strstr(def->bridge, "%d"))
> 
> Simpler as:
> 
> if (def->bridge &&
>     strstr(def->bridge, "%d") == strrchr(def->bridge, '%'))

I still don't see it.

[A] strchr(def->bridge, '%')
[B] strrchr(def->bridge, '%')
[C] strstr(def->bridge, "%d"))

When def->bridge is '%s%s%s%d', [A] points to the first %s, [B] points
to the %d and so does [C]

This string would pass the simplified condition (B == C), but not the
full one (A != C)

Jan
> 
> ACK with that simplification.
> 
> -- 
> Eric Blake   eblake redhat com    +1-919-301-3266
> Libvirt virtualization library http://libvirt.org
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150505/155f810f/attachment-0001.sig>

More information about the libvir-list mailing list