[libvirt] [PATCH v3] conf: virDomainDefValidateInternal prohibit some characters in shmem name

[Simon Kobyda]

Validate that the provided XML shmem name is not directory specific "."
or ".." names as well as ensuring that there is no path separator '/' in
the name.

https://bugzilla.redhat.com/show_bug.cgi?id=1192400

Signed-off-by: Simon Kobyda <skobyda at redhat.com>
---
Changes in v3:
- moved the functionality to virDomainDeviceDefValidateInternal
- documented changes in docs/formatdomain.html.in

 docs/formatdomain.html.in |  4 +++-
 src/conf/domain_conf.c    | 29 ++++++++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index a3afe137bf..f18ca6fc64 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -8017,7 +8017,9 @@ qemu-kvm -net nic,model=? /dev/null
     <dt><code>shmem</code></dt>
     <dd>
       The <code>shmem</code> element has one mandatory attribute,
-      <code>name</code> to identify the shared memory.
+      <code>name</code> to identify the shared memory. This attribute cannot
+      be directory specific to <code>.</code> or <code>..</code> as well as
+      it cannot involve path separator <code>/</code>.
     </dd>
     <dt><code>model</code></dt>
     <dd>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 7ab2953d83..415c03c56f 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -5696,6 +5696,31 @@ virDomainVsockDefValidate(const virDomainVsockDef *vsock)
 }
 
 
+static int
+virDomainShmemDefValidate(const virDomainShmemDef *shmem)
+{
+    if (strchr(shmem->name, '/')) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("shmem name cannot include '/' character"));
+        return -1;
+    }
+
+    if (STREQ(shmem->name, ".")) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("shmem name cannot be equal to '.'"));
+        return -1;
+    }
+
+    if (STREQ(shmem->name, "..")) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("shmem name cannot be equal to '..'"));
+        return -1;
+    }
+
+    return 0;
+}
+
+
 static int
 virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
                                    const virDomainDef *def)
@@ -5734,6 +5759,9 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
     case VIR_DOMAIN_DEVICE_VSOCK:
         return virDomainVsockDefValidate(dev->data.vsock);
 
+    case VIR_DOMAIN_DEVICE_SHMEM:
+        return virDomainShmemDefValidate(dev->data.shmem);
+
     case VIR_DOMAIN_DEVICE_LEASE:
     case VIR_DOMAIN_DEVICE_FS:
     case VIR_DOMAIN_DEVICE_INPUT:
@@ -5743,7 +5771,6 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
     case VIR_DOMAIN_DEVICE_HUB:
     case VIR_DOMAIN_DEVICE_MEMBALLOON:
     case VIR_DOMAIN_DEVICE_NVRAM:
-    case VIR_DOMAIN_DEVICE_SHMEM:
     case VIR_DOMAIN_DEVICE_TPM:
     case VIR_DOMAIN_DEVICE_PANIC:
     case VIR_DOMAIN_DEVICE_IOMMU:
-- 
2.17.1