Validate that the provided XML shmem name is not directory specific "." or ".." names as well as ensuring that there is no path separator '/' in the name. https://bugzilla.redhat.com/show_bug.cgi?id=1192400 Signed-off-by: Simon Kobyda <skobyda(a)redhat.com&gt; --- Changes in v3: - moved the functionality to virDomainDeviceDefValidateInternal - documented changes in docs/formatdomain.html.in docs/formatdomain.html.in | 4 +++- src/conf/domain_conf.c | 29 ++++++++++++++++++++++++++++- 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index a3afe137bf..f18ca6fc64 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -8017,7 +8017,9 @@ qemu-kvm -net nic,model=? /dev/null <dt><code>shmem</code></dt> <dd> The <code>shmem</code> element has one mandatory attribute, - <code>name</code> to identify the shared memory. + <code>name</code> to identify the shared memory. This attribute cannot + be directory specific to <code>.</code> or <code>..</code> as well as + it cannot involve path separator <code>/</code>. </dd> <dt><code>model</code></dt> <dd> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 7ab2953d83..415c03c56f 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -5696,6 +5696,31 @@ virDomainVsockDefValidate(const virDomainVsockDef *vsock) } +static int +virDomainShmemDefValidate(const virDomainShmemDef *shmem) +{ + if (strchr(shmem->name, '/')) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("shmem name cannot include '/' character")); + return -1; + } + + if (STREQ(shmem->name, ".")) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("shmem name cannot be equal to '.'")); + return -1; + } + + if (STREQ(shmem->name, "..")) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("shmem name cannot be equal to '..'")); + return -1; + } + + return 0; +} + + static int virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev, const virDomainDef *def) @@ -5734,6 +5759,9 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev, case VIR_DOMAIN_DEVICE_VSOCK: return virDomainVsockDefValidate(dev->data.vsock); + case VIR_DOMAIN_DEVICE_SHMEM: + return virDomainShmemDefValidate(dev->data.shmem); + case VIR_DOMAIN_DEVICE_LEASE: case VIR_DOMAIN_DEVICE_FS: case VIR_DOMAIN_DEVICE_INPUT: @@ -5743,7 +5771,6 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev, case VIR_DOMAIN_DEVICE_HUB: case VIR_DOMAIN_DEVICE_MEMBALLOON: case VIR_DOMAIN_DEVICE_NVRAM: - case VIR_DOMAIN_DEVICE_SHMEM: case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: -- 2.17.1