Hunt interface names through a regular expression matcher to check whether they only contain valid characters.
Valid characters in this code are currently a-z,A-Z,0-9, and '_'.
Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
---
src/conf/domain_conf.c | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
Index: libvirt-acl/src/conf/domain_conf.c
===================================================================
--- libvirt-acl.orig/src/conf/domain_conf.c
+++ libvirt-acl/src/conf/domain_conf.c
@@ -28,6 +28,7 @@
#include <unistd.h>
#include <fcntl.h>
#include <dirent.h>
+#include <regex.h>
#include "virterror_internal.h"
#include "datatypes.h"
@@ -1776,6 +1777,23 @@ cleanup:
}
+static bool
+isValidIfname(const char *ifname) {
+ int rc = 1;
+ regex_t regex_ifname;
+
+ if (regcomp(®ex_ifname, "^[a-zA-Z0-9_]+$",
+ REG_NOSUB|REG_EXTENDED) != 0)
+ return 0;
+
+ if (regexec(®ex_ifname, ifname, 0, NULL, 0) != 0)
+ rc = 0;
+
+ regfree(®ex_ifname);
+ return rc;
+}
+
+
/* Parse the XML definition for a network interface
* @param node XML nodeset to parse for net definition
@@ -1859,8 +1877,10 @@ virDomainNetDefParseXML(virCapsPtr caps,
xmlStrEqual(cur->name, BAD_CAST "target")) {
ifname = virXMLPropString(cur, "dev");
if ((ifname != NULL) &&
- (STRPREFIX((const char*)ifname, "vnet"))) {
+ ((STRPREFIX((const char*)ifname, "vnet")) ||
+ (!isValidIfname(ifname)))) {
/* An auto-generated target name, blank it out */
+ /* blank out invalid interface names */
VIR_FREE(ifname);
}
} else if ((script == NULL) &&
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list