
On Sat, Oct 02, 2010 at 10:09:31PM +0200, Matthias Bolte wrote:
2010/10/2 Richard W.M. Jones <rjones@redhat.com>:
Does libvirt enforce any sort of validity of characters in guest names?
Someone tried to create a domain called '#' (the single hash character) and noted that this caused failures in virt-tools:
https://bugzilla.redhat.com/show_bug.cgi?id=639601 https://bugzilla.redhat.com/show_bug.cgi?id=639602
Had a look at the code but couldn't see anything obvious: It seems like libvirt delegates this entirely to the drivers, the drivers (probably) all call virDomainDefParseXML, and this function does no checking that I could see.
If my analysis is correct, this could be dangerous. What if the name contains a character that is special to the qemu command line (','), to XML ('>'), or to C ()?
Actually there are more places in libvirt that are prone to certain characters in the domain name. The domain name is used as part of a file name in several places. For example per-domain log files in /var/log/libvirt/*/<domain name>.log will have trouble with a / in the domain name.
Indeed. I'm sure we need a whitelist, not a blacklist as suggested by the other comment. All domains I'd ever want to create would match the regexp ^[[:alpha:]][-_[:alnum:]]*$ This might break existing users however. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://et.redhat.com/~rjones/libguestfs/ See what it can do: http://et.redhat.com/~rjones/libguestfs/recipes.html