[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Libguestfs] [PATCH v2v] Check that guest names don't contain illegal characters.



Maybe controversial, but we really must do something about sanitizing
names.  An alternative would be to escape the name before including it
in the RHEV XML.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org
>From 09b3e6c59b9cacc0263170631a022bd873412390 Mon Sep 17 00:00:00 2001
From: Richard W.M. Jones <rjones redhat com>
Date: Tue, 22 Mar 2011 15:28:29 +0000
Subject: [PATCH 2/3] Check that guest names don't contain illegal characters.

---
 v2v/virt-v2v.pl |   10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/v2v/virt-v2v.pl b/v2v/virt-v2v.pl
index a499924..264fe21 100755
--- a/v2v/virt-v2v.pl
+++ b/v2v/virt-v2v.pl
@@ -434,6 +434,16 @@ else {
 # Decide the name of the guest target.
 $output_name = $source->get_name() unless defined $output_name;
 
+# The regexp matches any unicode alphanumeric, underscore, and a range
+# of safe ASCII characters.  Note that we include the $output_name
+# string directly in XML so it must not contain < > &.  Libvirt allows
+# any character at all.  Hypervisors running under libvirt (except
+# libvirt-managed ones like KVM) will probably be more strict than
+# this simple test.
+v2vdie __x('Domain {name} contains illegal characters.  Use the "-on" option to rename the guest.',
+           name => $output_name)
+    if $output_name !~ m{^[-#\$%()*+,./:;=?\ {}\[\]\^\w]+$}i;
+
 # Check that the guest doesn't already exist on the target
 v2vdie __x('Domain {name} already exists on the target.',
            name => $output_name)
-- 
1.7.4.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]