network: check for invalid forward delay time

When spanning tree protocol is allowed in bridge settings, forward delay
value is set as well (default is 0 if omitted). Until now, there was no
check for delay value validity. Delay makes sense only as a positive
numerical value.

Note: However, even if you provide a positive numerical value, the brctl
utility only uses values from the range <2,30>, so the number provided can
be modified (most likely by the kernel) to fall within this range.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1125764
Erik Skultety 2014-09-15 10:42:15 +02:00 committed by Martin Kletzander
parent c29cad6732
commit 3aa0524104
2 changed files with 24 additions and 16 deletions


@ -62,7 +62,7 @@
<optional> <optional>
<attribute name="delay"> <attribute name="delay">
<data type="integer"/> <data type="unsignedLong"/>
</attribute> </attribute>
</optional> </optional>


@ -2003,7 +2003,7 @@ static virNetworkDefPtr
virNetworkDefParseXML(xmlXPathContextPtr ctxt) virNetworkDefParseXML(xmlXPathContextPtr ctxt)
{ {
virNetworkDefPtr def; virNetworkDefPtr def;
char *tmp; char *tmp = NULL;
char *stp = NULL; char *stp = NULL;
xmlNodePtr *ipNodes = NULL; xmlNodePtr *ipNodes = NULL;
xmlNodePtr *routeNodes = NULL; xmlNodePtr *routeNodes = NULL;
@ -2037,7 +2037,6 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt)
} }
} else { } else {
if (virUUIDParse(tmp, def->uuid) < 0) { if (virUUIDParse(tmp, def->uuid) < 0) {
VIR_FREE(tmp);
virReportError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("malformed uuid element")); "%s", _("malformed uuid element"));
goto error; goto error;
@ -2078,8 +2077,16 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt)
stp = virXPathString("string(./bridge[1]/@stp)", ctxt); stp = virXPathString("string(./bridge[1]/@stp)", ctxt);
def->stp = (stp && STREQ(stp, "off")) ? false : true; def->stp = (stp && STREQ(stp, "off")) ? false : true;
if (virXPathULong("string(./bridge[1]/@delay)", ctxt, &def->delay) < 0) tmp = virXPathString("string(./bridge[1]/@delay)", ctxt);
def->delay = 0; if (tmp) {
if (virStrToLong_ulp(tmp, NULL, 10, &def->delay) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid delay value in network '%s'"),
def->name);
goto error;
}
}
VIR_FREE(tmp);
tmp = virXPathString("string(./mac[1]/@address)", ctxt); tmp = virXPathString("string(./mac[1]/@address)", ctxt);
if (tmp) { if (tmp) {
@ -2087,14 +2094,12 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt)
virReportError(VIR_ERR_XML_ERROR, virReportError(VIR_ERR_XML_ERROR,
_("Invalid bridge mac address '%s' in network '%s'"), _("Invalid bridge mac address '%s' in network '%s'"),
tmp, def->name); tmp, def->name);
VIR_FREE(tmp);
goto error; goto error;
} }
if (virMacAddrIsMulticast(&def->mac)) { if (virMacAddrIsMulticast(&def->mac)) {
virReportError(VIR_ERR_XML_ERROR, virReportError(VIR_ERR_XML_ERROR,
_("Invalid multicast bridge mac address '%s' in network '%s'"), _("Invalid multicast bridge mac address '%s' in network '%s'"),
tmp, def->name); tmp, def->name);
VIR_FREE(tmp);
goto error; goto error;
} }
VIR_FREE(tmp); VIR_FREE(tmp);
@ -2126,9 +2131,9 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt)
goto error; goto error;
/* parse each portgroup */ /* parse each portgroup */
for (i = 0; i < nPortGroups; i++) { for (i = 0; i < nPortGroups; i++) {
int ret = virNetworkPortGroupParseXML(&def->portGroups[i], if (virNetworkPortGroupParseXML(&def->portGroups[i],
portGroupNodes[i], ctxt); portGroupNodes[i],
if (ret < 0) ctxt) < 0)
goto error; goto error;
def->nPortGroups++; def->nPortGroups++;
} }
@ -2147,9 +2152,10 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt)
goto error; goto error;
/* parse each addr */ /* parse each addr */
for (i = 0; i < nIps; i++) { for (i = 0; i < nIps; i++) {
int ret = virNetworkIPDefParseXML(def->name, ipNodes[i], if (virNetworkIPDefParseXML(def->name,
ctxt, &def->ips[i]); ipNodes[i],
if (ret < 0) ctxt,
&def->ips[i]) < 0)
goto error; goto error;
def->nips++; def->nips++;
} }
@ -2168,9 +2174,10 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt)
goto error; goto error;
/* parse each definition */ /* parse each definition */
for (i = 0; i < nRoutes; i++) { for (i = 0; i < nRoutes; i++) {
int ret = virNetworkRouteDefParseXML(def->name, routeNodes[i], if (virNetworkRouteDefParseXML(def->name,
ctxt, &def->routes[i]); routeNodes[i],
if (ret < 0) ctxt,
&def->routes[i]) < 0)
goto error; goto error;
def->nroutes++; def->nroutes++;
} }
@ -2289,6 +2296,7 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt)
return def; return def;
error: error:
VIR_FREE(tmp);
VIR_FREE(routeNodes); VIR_FREE(routeNodes);
VIR_FREE(stp); VIR_FREE(stp);
virNetworkDefFree(def); virNetworkDefFree(def);
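Review bot: The delay parse added in the `@ -2078` hunk accepts any value up to ULONG_MAX from the network XML, because the only check is the return value of `virStrToLong_ulp` (which rejects malformed and negative input); the commit message itself notes that only the range <2,30> is honoured further down. A range check beside the parse would reject out-of-range XML with a clear error instead of letting it be silently adjusted, or truncated if a consumer of `def->delay` takes a narrower type (not visible here). The error message also omits the offending string, unlike the mac-address errors just below it; `tmp` is still live at that point now that it is freed under `error:`, so the call could read `_("Invalid delay value '%s' in network '%s'"), tmp, def->name`. virNetworkDefParseXML begins and ends outside the hunks shown.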