[lxc-devel] [lxd/master] Prevent using invalid profile names
stgraber on Github
lxc-bot at linuxcontainers.org
Thu Aug 11 16:19:25 UTC 2016
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 706 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160811/f2faf9b3/attachment.bin>
-------------- next part --------------
From 9d25d0341d32615643628ebcbaeb937856d5d797 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Thu, 11 Aug 2016 09:21:10 -0600
Subject: [PATCH] Prevent using invalid profile names
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Profile names with slashes or called "." or ".." will get mangled/eaten
by the http server, so creating them works, using them works but they
can't be modified or deleted.
This prevents creating such profiles now and also removes any existing
one that already exists (they couldn't have been configured so it should
be safe).
Closes #2274
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/patches.go | 26 +++++++++++++++++++++++++-
lxd/profiles.go | 17 +++++++++++++++++
2 files changed, 42 insertions(+), 1 deletion(-)
diff --git a/lxd/patches.go b/lxd/patches.go
index 11030b4..72360d9 100644
--- a/lxd/patches.go
+++ b/lxd/patches.go
@@ -1,7 +1,11 @@
package main
import (
+ "strings"
+
"github.com/lxc/lxd/shared"
+
+ log "gopkg.in/inconshreveable/log15.v2"
)
/* Patches are one-time actions that are sometimes needed to update
@@ -21,7 +25,9 @@ import (
Only append to the patches list, never remove entries and never re-order them.
*/
-var patches = []patch{}
+var patches = []patch{
+ patch{name: "invalid_profile_names", run: patchInvalidProfileNames},
+}
type patch struct {
name string
@@ -65,3 +71,21 @@ func patchesApplyAll(d *Daemon) error {
}
// Patches begin here
+func patchInvalidProfileNames(name string, d *Daemon) error {
+ profiles, err := dbProfiles(d.db)
+ if err != nil {
+ return err
+ }
+
+ for _, profile := range profiles {
+ if strings.Contains(profile, "/") || shared.StringInSlice(profile, []string{".", ".."}) {
+ shared.Log.Info("Removing unreachable profile (invalid name)", log.Ctx{"name": profile})
+ err := dbProfileDelete(d.db, profile)
+ if err != nil {
+ return err
+ }
+ }
+ }
+
+ return nil
+}
diff --git a/lxd/profiles.go b/lxd/profiles.go
index 86bf2a7..6bf4122 100644
--- a/lxd/profiles.go
+++ b/lxd/profiles.go
@@ -7,6 +7,7 @@ import (
"io/ioutil"
"net/http"
"reflect"
+ "strings"
"github.com/gorilla/mux"
_ "github.com/mattn/go-sqlite3"
@@ -68,6 +69,14 @@ func profilesPost(d *Daemon, r *http.Request) Response {
return BadRequest(fmt.Errorf("No name provided"))
}
+ if strings.Contains(req.Name, "/") {
+ return BadRequest(fmt.Errorf("Profile names may not contain slashes"))
+ }
+
+ if shared.StringInSlice(req.Name, []string{".", ".."}) {
+ return BadRequest(fmt.Errorf("Invalid profile name '%s'", req.Name))
+ }
+
err := containerValidConfig(d, req.Config, true, false)
if err != nil {
return BadRequest(err)
@@ -325,6 +334,14 @@ func profilePost(d *Daemon, r *http.Request) Response {
return BadRequest(fmt.Errorf("No name provided"))
}
+ if strings.Contains(req.Name, "/") {
+ return BadRequest(fmt.Errorf("Profile names may not contain slashes"))
+ }
+
+ if shared.StringInSlice(req.Name, []string{".", ".."}) {
+ return BadRequest(fmt.Errorf("Invalid profile name '%s'", req.Name))
+ }
+
err := dbProfileUpdate(d.db, name, req.Name)
if err != nil {
return InternalError(err)
More information about the lxc-devel
mailing list