Re: [libvirt] Valid characters in domain names?
On Sat, Oct 02, 2010 at 10:09:31PM +0200, Matthias Bolte wrote:
2010/10/2 Richard W.M. Jones <rjones(a)redhat.com>:
> Does libvirt enforce any sort of validity of characters in guest names?
>
> Someone tried to create a domain called '#' (the single hash
> character) and noted that this caused failures in virt-tools:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=639601
> https://bugzilla.redhat.com/show_bug.cgi?id=639602
>
> Had a look at the code but couldn't see anything obvious: It seems
> like libvirt delegates this entirely to the drivers, the drivers
> (probably) all call virDomainDefParseXML, and this function does no
> checking that I could see.
>
> If my analysis is correct, this could be dangerous. What if the name
> contains a character that is special to the qemu command line (','),
> to XML ('>'), or to C (�)?
>
Actually there are more places in libvirt that are prone to certain
characters in the domain name. The domain name is used as part of a
file name in several places. For example per-domain log files in
/var/log/libvirt/*/<domain name>.log will have trouble with a / in the
domain name.
Indeed. I'm sure we need a whitelist, not a blacklist as suggested by
the other comment. All domains I'd ever want to create would match
the regexp
^[[:alpha:]][-_[:alnum:]]*$
This might break existing users however.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://et.redhat.com/~rjones/libguestfs/
See what it can do: http://et.redhat.com/~rjones/libguestfs/recipes.html