Re: [libvirt] [PATCH] qemu: Forbid slashes in shmem name

On Fri, Feb 10, 2017 at 09:07:36AM -0500, John Ferlan wrote: > > > On 02/02/2017 08:14 AM, Martin Kletzander wrote: > > With that users could access files outside /dev/shm. That itself > > isn't a security problem, but might cause some errors we want to > > avoid. So let's forbid slashes as we do with domain and volume names > > and also mention that in the schema. > > > > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1395496 > > > > Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com&gt; > > --- > > docs/schemas/domaincommon.rng | 6 +++++- > > src/qemu/qemu_process.c | 23 +++++++++++++++++++++++ > > 2 files changed, 28 insertions(+), 1 deletion(-) > > > > This was really familiar... hmm.. oh yeah... > > Can/should virXMLCheckIllegalChars be used? > > See commits ae381879f, dc40dd60, and e1b81968 > > Likewise, makes me wonder if the *.rng for all those would need some > sort of updating to remove chance that a '\n' exists like you've done > here for the '/' character. > > Secondary of course is should the failure be in Parse rather than > checking at startup time? The fact that we need to forbid '/' due to it being interpreted as a path, is an artifact of the QEMU implementation. Other drivers might not map the names into file paths. So checking in QEMU driver code is correct.