On 05/25/2010 09:49 AM, Cole Robinson wrote: >> This function is crying out for a real test case to be written and put >> under tests/, feeding it all sorts of evil input. >> > > Agreed, however I'm backtracking a bit on this, my next post is only > going to sanitize spurious /, like my original posting (but with the > original comments addressed). Which is all the more argument for a gnulib module that does text-based sanitization on the user's behalf. I'll see about adding that, and in the meantime,... > > A user can accidentally add an extra slash to a pool target, and its > reasonable to expect it won't cause cause problems, but the same can't > be said for relative path characters. This function is becoming > impossible to review (the current posting goes into infinite loop with a > path like /foo./bar), and most of the logic is not helping solve a real > world problem. > > This patch is going to be backported to a few places: less complex the > better. Oh, and I'm lazy :) I agree with Cole's approach of minimizing this particular fix to the particular problem raised. A fancy gnulib solution is not as important as a duplicated slash solution. -- Eric Blake eblake@xxxxxxxxxx +1-801-349-2682 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list