conf: virDomainDefValidateInternal prohibit some characters in shmem name

Validate that the provided XML shmem name is not directory specific to "." or ".." as well as ensure that there is no path separator '/' in the name. https://bugzilla.redhat.com/show_bug.cgi?id=1192400 Signed-off-by: Simon Kobyda <skobyda@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2018-08-01 17:50:03 +02:00 · 2018-08-01 17:50:03 +02:00 · 9ff956b26a
parent e63aa3c664
commit 9ff956b26a
2 changed files with 31 additions and 2 deletions
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@ -8094,7 +8094,9 @@ qemu-kvm -net nic,model=? /dev/null
    <dt><code>shmem</code></dt>
    <dd>
      The <code>shmem</code> element has one mandatory attribute,
-      <code>name</code> to identify the shared memory.
+      <code>name</code> to identify the shared memory. This attribute cannot
+      be directory specific to <code>.</code> or <code>..</code> as well as
+      it cannot involve path separator <code>/</code>.
    </dd>
    <dt><code>model</code></dt>
    <dd>
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@ -5747,6 +5747,31 @@ virDomainInputDefValidate(const virDomainInputDef *input)
 }


+static int
+virDomainShmemDefValidate(const virDomainShmemDef *shmem)
+{
+    if (strchr(shmem->name, '/')) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("shmem name cannot include '/' character"));
+        return -1;
+    }
+
+    if (STREQ(shmem->name, ".")) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("shmem name cannot be equal to '.'"));
+        return -1;
+    }
+
+    if (STREQ(shmem->name, "..")) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("shmem name cannot be equal to '..'"));
+        return -1;
+    }
+
+    return 0;
+}
+
+
 static int
 virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
                                   const virDomainDef *def)
@ -5788,6 +5813,9 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
    case VIR_DOMAIN_DEVICE_INPUT:
        return virDomainInputDefValidate(dev->data.input);

+    case VIR_DOMAIN_DEVICE_SHMEM:
+        return virDomainShmemDefValidate(dev->data.shmem);
+
    case VIR_DOMAIN_DEVICE_LEASE:
    case VIR_DOMAIN_DEVICE_FS:
    case VIR_DOMAIN_DEVICE_SOUND:
@ -5796,7 +5824,6 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
    case VIR_DOMAIN_DEVICE_HUB:
    case VIR_DOMAIN_DEVICE_MEMBALLOON:
    case VIR_DOMAIN_DEVICE_NVRAM:
-    case VIR_DOMAIN_DEVICE_SHMEM:
    case VIR_DOMAIN_DEVICE_TPM:
    case VIR_DOMAIN_DEVICE_PANIC:
    case VIR_DOMAIN_DEVICE_IOMMU: