Check that interface names only contain valid characters. Blank them out otherwise. Valid characters in this code are currently a-z,A-Z,0-9, '-' and '_'. Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com&gt; --- src/conf/domain_conf.c | 9 ++++++++- src/conf/domain_conf.h | 3 +++ 2 files changed, 11 insertions(+), 1 deletion(-) Index: libvirt-acl/src/conf/domain_conf.c =================================================================== --- libvirt-acl.orig/src/conf/domain_conf.c +++ libvirt-acl/src/conf/domain_conf.c @@ -1776,6 +1776,11 @@ cleanup: } +static bool +isValidIfname(const char *ifname) { + return strspn(ifname, VALID_IFNAME_CHARS) == strlen(ifname); +} + /* Parse the XML definition for a network interface * @param node XML nodeset to parse for net definition @@ -1859,8 +1864,10 @@ virDomainNetDefParseXML(virCapsPtr caps, xmlStrEqual(cur->name, BAD_CAST "target")) { ifname = virXMLPropString(cur, "dev"); if ((ifname != NULL) && - (STRPREFIX((const char*)ifname, "vnet"))) { + ((STRPREFIX((const char*)ifname, "vnet")) || + (!isValidIfname(ifname)))) { /* An auto-generated target name, blank it out */ + /* blank out invalid interface names */ VIR_FREE(ifname); } } else if ((script == NULL) && Index: libvirt-acl/src/conf/domain_conf.h =================================================================== --- libvirt-acl.orig/src/conf/domain_conf.h +++ libvirt-acl/src/conf/domain_conf.h @@ -297,6 +297,9 @@ struct _virDomainNetDef { virNWFilterHashTablePtr filterparams; }; +#define VALID_IFNAME_CHARS \ + "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_" + enum virDomainChrTargetType { VIR_DOMAIN_CHR_TARGET_TYPE_NULL = 0, VIR_DOMAIN_CHR_TARGET_TYPE_MONITOR,