10:31 a.m.
Maybe controversial, but we really must do something about sanitizing
names. An alternative would be to escape the name before including it
in the RHEV XML.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
10:50 a.m.
On 22/03/11 15:31, Richard W.M. Jones wrote:
> From 09b3e6c59b9cacc0263170631a022bd873412390 Mon Sep 17 00:00:00
2001
From: Richard W.M. Jones<rjones(a)redhat.com>
Date: Tue, 22 Mar 2011 15:28:29 +0000
Subject: [PATCH 2/3] Check that guest names don't contain illegal characters.
---
v2v/virt-v2v.pl | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/v2v/virt-v2v.pl b/v2v/virt-v2v.pl
index a499924..264fe21 100755
--- a/v2v/virt-v2v.pl
+++ b/v2v/virt-v2v.pl
@@ -434,6 +434,16 @@ else {
# Decide the name of the guest target.
$output_name = $source->get_name() unless defined $output_name;
+# The regexp matches any unicode alphanumeric, underscore, and a range
+# of safe ASCII characters. Note that we include the $output_name
+# string directly in XML so it must not contain< > &. Libvirt allows
+# any character at all. Hypervisors running under libvirt (except
+# libvirt-managed ones like KVM) will probably be more strict than
+# this simple test.
+v2vdie __x('Domain {name} contains illegal characters. Use the "-on"
option to rename the guest.',
+ name => $output_name)
+ if $output_name !~ m{^[-#\$%()*+,./:;=?\@{}\[\]\^\w]+$}i;
+
# Check that the guest doesn't already exist on the target
v2vdie __x('Domain {name} already exists on the target.',
name => $output_name)
-- 1.7.4.1
Is there any reason for this restriction other than the XML escaping
issue? If not, I'd prefer to fix the escaping directly and leave this out.
Matt
--
Matthew Booth, RHCA, RHCSS
Red Hat Engineering, Virtualisation Team
GPG ID: D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490
11:09 a.m.
On Tue, Mar 22, 2011 at 03:50:39PM +0000, Matthew Booth wrote:
On 22/03/11 15:31, Richard W.M. Jones wrote:
>>From 09b3e6c59b9cacc0263170631a022bd873412390 Mon Sep 17 00:00:00 2001
>From: Richard W.M. Jones<rjones(a)redhat.com>
>Date: Tue, 22 Mar 2011 15:28:29 +0000
>Subject: [PATCH 2/3] Check that guest names don't contain illegal characters.
>
>---
> v2v/virt-v2v.pl | 10 ++++++++++
> 1 files changed, 10 insertions(+), 0 deletions(-)
>
>diff --git a/v2v/virt-v2v.pl b/v2v/virt-v2v.pl
>index a499924..264fe21 100755
>--- a/v2v/virt-v2v.pl
>+++ b/v2v/virt-v2v.pl
>@@ -434,6 +434,16 @@ else {
> # Decide the name of the guest target.
> $output_name = $source->get_name() unless defined $output_name;
>
>+# The regexp matches any unicode alphanumeric, underscore, and a range
>+# of safe ASCII characters. Note that we include the $output_name
>+# string directly in XML so it must not contain< > &. Libvirt allows
>+# any character at all. Hypervisors running under libvirt (except
>+# libvirt-managed ones like KVM) will probably be more strict than
>+# this simple test.
>+v2vdie __x('Domain {name} contains illegal characters. Use the "-on"
option to rename the guest.',
>+ name => $output_name)
>+ if $output_name !~ m{^[-#\$%()*+,./:;=?\@{}\[\]\^\w]+$}i;
>+
> # Check that the guest doesn't already exist on the target
> v2vdie __x('Domain {name} already exists on the target.',
> name => $output_name)
>-- 1.7.4.1
Is there any reason for this restriction other than the XML escaping
issue? If not, I'd prefer to fix the escaping directly and leave
this out.
Whichever you're happy with, but I think it needs to be fixed
one way or the other.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
4996
days inactive
4996
days old
2 comments
2 participants
participants (2)
-
Matthew Booth -
Richard W.M. Jones