On Thu, Mar 25, 2010 at 12:44:42PM -0400, Stefan Berger wrote: > "Daniel P. Berrange" <berrange@xxxxxxxxxx> wrote on 03/25/2010 12:40:15 > PM: > > > > Please respond to "Daniel P. Berrange" > > > > On Thu, Mar 25, 2010 at 12:26:34PM -0400, Stefan Berger wrote: > > > libvir-list-bounces@xxxxxxxxxx wrote on 03/25/2010 11:59:11 AM: > > > > > > > > > > "Daniel P. Berrange" <berrange@xxxxxxxxxx> wrote on 03/25/2010 > 11:49:05 > > > AM: > > > > > > > > > Please respond to "Daniel P. Berrange" > > > > > > > > > > On Tue, Mar 23, 2010 at 10:54:17AM -0400, stefanb@xxxxxxxxxx > wrote: > > > > > > +/* > > > > > > + char macaddr[VIR_MAC_STRING_BUFLEN], > > > > > > + ipaddr[INET_ADDRSTRLEN], > > > > > > + number[20]; > > > > > > + char chain[MAX_CHAINNAME_LENGTH]; > > > > > > + virBuffer buf = VIR_BUFFER_INITIALIZER; > > > > > > + > > > > > > + if (nwfilter->chainsuffix == VIR_NWFILTER_CHAINSUFFIX_ROOT) > > > > > > + PRINT_ROOT_CHAIN(chain, chainPrefix, ifname); > > > > > > + else > > > > > > + PRINT_CHAIN(chain, chainPrefix, ifname, > > > > > > + virNWFilterChainSuffixTypeToString > > > > > (nwfilter->chainsuffix)); > > > > > > > > > > Since we're passing this into the shell, I think we should do > paranoid > > > > > validation on the 'chain' and 'ifname' fields, since they > ultimately > > > come > > > > > from the user specified XML. Validate that it only contains a-Z, > 0-0, > > > -, _ > > > > > > > > Actually the user specified XML only currently allows the chain > names > > > 'arp', > > > > 'ipv4', 'ipv6' and 'root'. Others will already be rejected when > > > > parsing the filter. > > > > > > > > > > Actually, yes, there's a problem with target device names like t\"t > that > > > do create an > > > interface named t\"t but end up creating an ebtables entry with > interface > > > t"t. So > > > if I don't go through bash it works correctly, otherwise it does not > and I > > > guess I > > > would need to escape the '\' with '\\\'. > > > > Such interface names are insane & we should just refuse them, rather > than > > trying todo escaping :-) > > Right, but at what level should they be refused? When such names are > parsed ? We should likely refuse it in the src/conf/domain_conf.c parser Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list