[Libguestfs] [libnbd PATCH 1/2] uri: Reject nbd:unix:/path/to/socket as invalid URI
libxml2 parses it as valid per RFC 3986, as the nbd: scheme with no
authority and a relative path. This string has been used with qemu to
request a Unix socket, such that nbdkit --run produces it for $nbd
(compared to $unixsocket), but accepting it as a URI means that we
instead try to connect to a TCP socket with a default authority
(localhost, port 10809), and nbdkit ignores the path element
'unix:/path/to/socket' and you end up with a connection (or an
attempt) to a completely different server.
All scheme://authority forms have a path that is either empty or
begins with '/'. This does not reject 'nbd:/path/to/socket' (with no
authority but an absolute path), but at least that form has not been
in use by qemu.
Reported-by: Martin Kletzander <mkletzan(a)redhat.com>
---
lib/connect.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/lib/connect.c b/lib/connect.c
index 96ed1ca..8b19e1e 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -291,12 +291,14 @@ nbd_unlocked_aio_connect_uri (struct nbd_handle *h, const char
*raw_uri)
* nbd_unlocked_set_tls_* to match...
*/
- /* Export name. */
+ /* Export name. Insist on the scheme://[authority][/absname] form. */
if (uri->path) {
if (uri->path[0] == '/')
r = nbd_unlocked_set_export_name (h, &uri->path[1]);
- else
- r = nbd_unlocked_set_export_name (h, uri->path);
+ else {
+ set_error (EINVAL, "URI must begin with '%s://'",
uri->scheme);
+ goto cleanup;
+ }
}
else
r = nbd_unlocked_set_export_name (h, "");
--
2.20.1