Similarly to 790f912b4 which rejects snapshots names containing,
this commit changes virDomainSaveXML to reject domains with a '/'
in their name. The domain name is used as a filename, so this
leads to unexpected results when used in combination with '..'
---
If someone is using domains with '/' in their name, this will cause a
regression for them as libvirt will no longer be able to re-write the
domain XML and will just fail. However, if someone is (ab)using this,
the domain must end up in an already existing directory as libvirt will
not create it so this is hopefully unconvenient enough that noone is
doing that.
If we only want to error out on new domain creation, this may be doable
by introducing a virDomainSaveXMLFlags, but will be more invasive.
Christophe
src/conf/domain_conf.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 85a798d..86641d6 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -14728,6 +14728,14 @@ int virDomainSaveXML(const char *configDir,
char *configFile = NULL;
int ret = -1;
+ if (strchr(def->name, '/')) {
+ virReportError(VIR_ERR_XML_DETAIL,
+ _("invalid domain name '%s': name can't contain '/'"),
+ def->name);
+ goto cleanup;
+
+ }
+
if ((configFile = virDomainConfigFile(configDir, def->name)) == NULL)
goto cleanup;
--
1.8.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list