From patchwork Tue Apr 26 19:21:36 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Cole Robinson <crobinso@redhat.com>
X-Patchwork-Id: 66729
Delivered-To: patch@linaro.org
Received: by 10.140.93.198 with SMTP id d64csp1792781qge;
 Tue, 26 Apr 2016 12:24:41 -0700 (PDT)
X-Received: by 10.55.173.5 with SMTP id w5mr4383138qke.115.1461698681937;
 Tue, 26 Apr 2016 12:24:41 -0700 (PDT)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx5-phx2.redhat.com (mx5-phx2.redhat.com. [209.132.183.37])
 by mx.google.com with ESMTPS id p8si27433qkl.238.2016.04.26.12.24.40
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Tue, 26 Apr 2016 12:24:41 -0700 (PDT)
Received-SPF: pass (google.com: domain of libvir-list-bounces@redhat.com
 designates 209.132.183.37 as permitted sender)
 client-ip=209.132.183.37; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: domain of libvir-list-bounces@redhat.com
 designates 209.132.183.37 as permitted sender)
 smtp.mailfrom=libvir-list-bounces@redhat.com
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
 by mx5-phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u3QJM9EQ063613; 
 Tue, 26 Apr 2016 15:22:09 -0400
Received: from int-mx09.intmail.prod.int.phx2.redhat.com
 (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22])
 by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with
 ESMTP
 id u3QJLhkL003914 for <libvir-list@listman.util.phx.redhat.com>;
 Tue, 26 Apr 2016 15:21:43 -0400
Received: from colepc.redhat.com (ovpn-113-44.phx2.redhat.com [10.3.113.44])
 by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with
 ESMTP id u3QJLgAW019416; Tue, 26 Apr 2016 15:21:43 -0400
From: Cole Robinson <crobinso@redhat.com>
To: libvirt-list@redhat.com
Date: Tue, 26 Apr 2016 15:21:36 -0400
Message-Id: <6cc87185d96e779ace873fc1896e8c2c2927634b.1461697488.git.crobinso@redhat.com>
In-Reply-To: <cover.1461697488.git.crobinso@redhat.com>
References: <cover.1461697488.git.crobinso@redhat.com>
In-Reply-To: <cover.1461697488.git.crobinso@redhat.com>
References: <cover.1461697488.git.crobinso@redhat.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH 1/3] conf: domain: reject name containing '/'
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com

Trying to define a domain name containing an embedded '/'
will immediately fail when trying to write the XML to disk for
our stateful drivers. This patch explicitly rejects names
containing a '/', and provides an xmlopt feature for drivers
to avoid this validation check, which is enabled in every
non-stateful driver that already has xmlopt handling wired up.

(Technically this could reject a previously accepted vmname like
 '/foo', however at least for the qemu driver that falls over
 later when starting qemu)

https://bugzilla.redhat.com/show_bug.cgi?id=639923
---
 src/conf/domain_conf.c                                 |  8 ++++++++
 src/conf/domain_conf.h                                 |  1 +
 src/openvz/openvz_driver.c                             |  5 +++--
 src/phyp/phyp_driver.c                                 |  1 +
 src/vbox/vbox_common.c                                 |  1 +
 src/vmx/vmx.c                                          |  3 ++-
 src/xenapi/xenapi_driver.c                             |  1 +
 tests/genericxml2xmlindata/generic-name-slash-fail.xml | 17 +++++++++++++++++
 tests/genericxml2xmltest.c                             |  3 +++
 9 files changed, 37 insertions(+), 3 deletions(-)
 create mode 100644 tests/genericxml2xmlindata/generic-name-slash-fail.xml

-- 
2.7.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index db567f5..113c9a9 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -4284,6 +4284,14 @@ virDomainDefPostParseCheckFeatures(virDomainDefPtr def,
     if (UNSUPPORTED(VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN))
         virDomainDefRemoveOfflineVcpuPin(def);
 
+    if (UNSUPPORTED(VIR_DOMAIN_DEF_FEATURE_NAME_SLASH)) {
+        if (def->name && strchr(def->name, '/')) {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("name %s cannot contain '/'"), def->name);
+            return -1;
+        }
+    }
+
     return 0;
 }
 
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index fd540ed..eb2127c 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2442,6 +2442,7 @@ typedef enum {
     VIR_DOMAIN_DEF_FEATURE_WIDE_SCSI = (1 << 0),
     VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG = (1 << 1),
     VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN = (1 << 2),
+    VIR_DOMAIN_DEF_FEATURE_NAME_SLASH = (1 << 3),
 } virDomainDefFeatures;
 
 
diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c
index e154a0f..a7474ff 100644
--- a/src/openvz/openvz_driver.c
+++ b/src/openvz/openvz_driver.c
@@ -128,8 +128,9 @@ openvzDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
 
 
 virDomainDefParserConfig openvzDomainDefParserConfig = {
-        .domainPostParseCallback = openvzDomainDefPostParse,
-        .devicesPostParseCallback = openvzDomainDeviceDefPostParse,
+    .domainPostParseCallback = openvzDomainDefPostParse,
+    .devicesPostParseCallback = openvzDomainDeviceDefPostParse,
+    .features = VIR_DOMAIN_DEF_FEATURE_NAME_SLASH,
 };
 
 
diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c
index 55a63e7..da87686 100644
--- a/src/phyp/phyp_driver.c
+++ b/src/phyp/phyp_driver.c
@@ -1117,6 +1117,7 @@ phypDomainDeviceDefPostParse(virDomainDeviceDefPtr dev ATTRIBUTE_UNUSED,
 virDomainDefParserConfig virPhypDriverDomainDefParserConfig = {
     .devicesPostParseCallback = phypDomainDeviceDefPostParse,
     .domainPostParseCallback = phypDomainDefPostParse,
+    .features = VIR_DOMAIN_DEF_FEATURE_NAME_SLASH,
 };
 
 
diff --git a/src/vbox/vbox_common.c b/src/vbox/vbox_common.c
index 82286a8..abfb30a 100644
--- a/src/vbox/vbox_common.c
+++ b/src/vbox/vbox_common.c
@@ -273,6 +273,7 @@ static virDomainDefParserConfig vboxDomainDefParserConfig = {
     .macPrefix = { 0x08, 0x00, 0x27 },
     .devicesPostParseCallback = vboxDomainDeviceDefPostParse,
     .domainPostParseCallback = vboxDomainDefPostParse,
+    .features = VIR_DOMAIN_DEF_FEATURE_NAME_SLASH,
 };
 
 static virDomainXMLOptionPtr
diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c
index 8c4b4bb..5e57c39 100644
--- a/src/vmx/vmx.c
+++ b/src/vmx/vmx.c
@@ -547,7 +547,8 @@ static virDomainDefParserConfig virVMXDomainDefParserConfig = {
     .macPrefix = {0x00, 0x0c, 0x29},
     .devicesPostParseCallback = virVMXDomainDevicesDefPostParse,
     .domainPostParseCallback = virVMXDomainDefPostParse,
-    .features = VIR_DOMAIN_DEF_FEATURE_WIDE_SCSI,
+    .features = (VIR_DOMAIN_DEF_FEATURE_WIDE_SCSI |
+                 VIR_DOMAIN_DEF_FEATURE_NAME_SLASH),
 };
 
 static void
diff --git a/src/xenapi/xenapi_driver.c b/src/xenapi/xenapi_driver.c
index a75a4f7..97a1ada 100644
--- a/src/xenapi/xenapi_driver.c
+++ b/src/xenapi/xenapi_driver.c
@@ -88,6 +88,7 @@ xenapiDomainDefPostParse(virDomainDefPtr def,
 virDomainDefParserConfig xenapiDomainDefParserConfig = {
     .devicesPostParseCallback = xenapiDomainDeviceDefPostParse,
     .domainPostParseCallback = xenapiDomainDefPostParse,
+    .features = VIR_DOMAIN_DEF_FEATURE_NAME_SLASH,
 };
 
 
diff --git a/tests/genericxml2xmlindata/generic-name-slash-fail.xml b/tests/genericxml2xmlindata/generic-name-slash-fail.xml
new file mode 100644
index 0000000..4cdb834
--- /dev/null
+++ b/tests/genericxml2xmlindata/generic-name-slash-fail.xml
@@ -0,0 +1,17 @@
+<domain type='qemu'>
+  <name>foo/bar</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219136</memory>
+  <currentMemory unit='KiB'>219136</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='i686' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+  </devices>
+</domain>
diff --git a/tests/genericxml2xmltest.c b/tests/genericxml2xmltest.c
index 05563fb..70a5203 100644
--- a/tests/genericxml2xmltest.c
+++ b/tests/genericxml2xmltest.c
@@ -81,6 +81,9 @@ mymain(void)
     DO_TEST_FULL("graphics-listen-back-compat-mismatch", 0, false,
         TEST_COMPARE_DOM_XML2XML_RESULT_FAIL_PARSE);
 
+    DO_TEST_FULL("name-slash-parse", 0, false,
+        TEST_COMPARE_DOM_XML2XML_RESULT_FAIL_PARSE);
+
     virObjectUnref(caps);
     virObjectUnref(xmlopt);