Re: [libvirt] [PATCH] Forbid use of ':' in RBD pool names

On Mon, May 13, 2013 at 02:00:31PM +0100, Daniel P. Berrange wrote: > From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; > > The QEMU command line syntax for RBD disks is > > file=rbd:pool/image:opt1=val1:opt2=val2... > > There is no way to escape the ':' if it appears in the > pool or image name. Thus it must be explicitly forbidden > if it occurs in the libvirt XML. People are known to > be abusing the lack of escaping in current libvirt to > pass arbitrary args to QEMU. Urgh, :-( > Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; > --- > src/qemu/qemu_command.c | 6 ++++ > ...qemuxml2argv-disk-drive-network-rbd-invalid.xml | 37 ++++++++++++++++++++++ > tests/qemuxml2argvtest.c | 5 +++ > 3 files changed, 48 insertions(+) > create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml > > diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c > index eddc263..c0cb250 100644 > --- a/src/qemu/qemu_command.c > +++ b/src/qemu/qemu_command.c > @@ -2383,6 +2383,12 @@ qemuBuildRBDString(virConnectPtr conn, > char *secret = NULL; > size_t secret_size; > > + if (strchr(disk->src, ':')) { > + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, > + _("':' not allowed in RBD source volume name")); > + return -1; > + } > + > virBufferEscape(opt, ',', ",", "rbd:%s", disk->src); > if (disk->auth.username) { > virBufferEscape(opt, '\\', ":", ":id=%s", disk->auth.username); > diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml > new file mode 100644 > index 0000000..e8d3280 > --- /dev/null > +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml > @@ -0,0 +1,37 @@ > +<domain type='qemu'> > + <name>QEMUGuest1</name> > + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> > + <memory unit='KiB'>219136</memory> > + <currentMemory unit='KiB'>219136</currentMemory> > + <vcpu placement='static'>1</vcpu> > + <os> > + <type arch='i686' machine='pc'>hvm</type> > + <boot dev='hd'/> > + </os> > + <clock offset='utc'/> > + <on_poweroff>destroy</on_poweroff> > + <on_reboot>restart</on_reboot> > + <on_crash>destroy</on_crash> > + <devices> > + <emulator>/usr/bin/qemu</emulator> > + <disk type='block' device='disk'> > + <driver name='qemu' type='raw'/> > + <source dev='/dev/HostVG/QEMUGuest1'/> > + <target dev='hda' bus='ide'/> > + <address type='drive' controller='0' bus='0' target='0' unit='0'/> > + </disk> > + <disk type='network' device='disk'> > + <driver name='qemu' type='raw'/> > + <source protocol='rbd' name='poolname/imagename:rbd_cache=1:rbd_cache_size=67108864:rbd_cache_max_dirty=0'> >