On Fri, Dec 10, 2021 at 06:22:04AM -0800, Andrea Bolognani wrote:
On Fri, Dec 10, 2021 at 02:06:18PM +0000, Daniel P. Berrangé wrote:
> On Fri, Dec 10, 2021 at 05:47:41AM -0800, Andrea Bolognani wrote:
> > I entertained the thought of adding the check to virURIParse()
> > directly, because I can't think of a scenario where having a NULL
> > scheme would be considered valid. But that seemed like a change that
> > had the potential to break unrelated stuff, so I cowardly decided to
> > go with the safe version instead O:-)
>
> We've supported URIs without a scheme in the past. IIRC, we allowed
> a bath path to a UNIX socket for the original Xen driver. That
> code is deleted now of course.
So do you think it would be possible to perform more strict
validation in virURIParse() and reject this kind of wonky input
outright at this point?
Probably, though calling it wonky input is a bit misleading. It
is valid from a URI pov, it is just that libvirt doesn't need
this ability to omit the scheme. I'd want to double check all
the callers of virURIParse to be sure first though
Regards,
Daniel
--
|:
https://berrange.com -o-
https://www.flickr.com/photos/dberrange :|
|:
https://libvirt.org -o-
https://fstop138.berrange.com :|
|:
https://entangle-photo.org -o-
https://www.instagram.com/dberrange :|