[libvirt] [PATCH 2/2] qemu: Prevent storage causing too much nested XML

Eric Blake eblake at redhat.com
Wed Sep 4 16:54:38 UTC 2019 

On 9/4/19 10:34 AM, Peter Krempa wrote:
> Since libvirt stores the backing chain into the XML in a nested way it
> is the prime possibility to hit libxml2's parsing limit of 256 layers.

Nasty that libxml2 is forcing us into this arbitrary limit, but it is
some rather hairy setup to get there.

> 
> Introduce code which will crawl the backing chain and verify that it's
> not too deep. The maximum nesting is set to 200 layers so that there's
> still some space left for attitional properties or nesting into snapshot

additional

> XMLs.
> 
> The check is applied to all disk use cases (starting, hotplug, media
> change) as well as block copy which changes image and snapshots.
> 
> We simply report an error and refuse the operation.
> 
> Without this check a restart of libvirtd would result in the status XML
> failing to be parsed and thus losing the VM.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1524278
> 
> Signed-off-by: Peter Krempa <pkrempa at redhat.com>
> ---


> + *
> + * This function validates that the storage source chain starting @src is at
> + * most 200 layers deep. @add allows to modify the calculated value to offset

s/allows to modify/modifies/

> + * the number to allow checking cases when new layers are going to be added
> + * to the chain.

Or maybe even:  @add represents any pre-existing chain depth when
preparing to add this source to a chain.

> + *
> + * Returns 0 on success and -1 if the chain is too deep. Error is reported.
> + */
> +int
> +qemuDomainStorageSourceValidateDepth(virStorageSourcePtr src,
> +                                     int add,
> +                                     const char *diskdst)

Otherwise makes sense to me.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20190904/9d1dd62d/attachment-0001.sig>

More information about the libvir-list mailing list