From patchwork Wed Feb 17 03:54:37 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jim Fehlig X-Patchwork-Id: 8334591 Return-Path: X-Original-To: patchwork-xen-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 50176C02AA for ; Wed, 17 Feb 2016 04:00:19 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 82ADC20279 for ; Wed, 17 Feb 2016 04:00:18 +0000 (UTC) Received: from lists.xen.org (lists.xenproject.org [50.57.142.19]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A840B202B8 for ; Wed, 17 Feb 2016 04:00:17 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1aVtEz-00048G-JA; Wed, 17 Feb 2016 03:57:25 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1aVtEx-00047r-Q9 for xen-devel@lists.xen.org; Wed, 17 Feb 2016 03:57:23 +0000 Received: from [85.158.137.68] by server-12.bemta-3.messagelabs.com id DE/2B-06010-3AFE3C65; Wed, 17 Feb 2016 03:57:23 +0000 X-Env-Sender: jfehlig@suse.com X-Msg-Ref: server-16.tower-31.messagelabs.com!1455681439!15440612!1 X-Originating-IP: [137.65.248.124] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 7.35.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 47541 invoked from network); 17 Feb 2016 03:57:20 -0000 Received: from inet-orm.provo.novell.com (HELO mail.novell.com) (137.65.248.124) by server-16.tower-31.messagelabs.com with DHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 17 Feb 2016 03:57:20 -0000 Received: from jfehlig1.provo.novell.com ([137.65.135.33]) by mail.novell.com with ESMTP (NOT encrypted); Tue, 16 Feb 2016 20:57:09 -0700 From: Jim Fehlig To: xen-devel@lists.xen.org Date: Tue, 16 Feb 2016 20:54:37 -0700 Message-Id: <1455681279-28451-2-git-send-email-jfehlig@suse.com> X-Mailer: git-send-email 1.8.0.1 In-Reply-To: <1455681279-28451-1-git-send-email-jfehlig@suse.com> References: <1455681279-28451-1-git-send-email-jfehlig@suse.com> Cc: wei.liu2@citrix.com, ian.jackson@eu.citrix.com, ian.campbell@citrix.com Subject: [Xen-devel] [PATCH 1/3] libxlu_cfg: reject unknown characters following '\' X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP When dequoting config strings in xlu__cfgl_dequote(), unknown characters following a '\', and the '\' itself, are discarded. E.g. a disk configuration string containing rbd:pool/image:mon_host=192.168.0.100\:6789 would be dequoted as rbd:pool/image:mon_host=192.168.0.1006789 Instead of discarding the '\' and unknown character, reject the string and set error to EINVAL. --- tools/libxl/libxlu_cfg.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/libxl/libxlu_cfg.c b/tools/libxl/libxlu_cfg.c index 1d70909..f8e0bc7 100644 --- a/tools/libxl/libxlu_cfg.c +++ b/tools/libxl/libxlu_cfg.c @@ -533,6 +533,11 @@ char *xlu__cfgl_dequote(CfgParseContext *ctx, const char *src) { NUMERIC_CHAR(2,2,16,"hex"); } else if (nc>='0' && nc<='7') { NUMERIC_CHAR(1,3,10,"octal"); + } else { + xlu__cfgl_lexicalerror(ctx, "invalid character after backlash " + "in quoted string"); + ctx->err= EINVAL; + goto x; } assert(p <= src+len-1); } else {