[lxc-devel] [lxd/master] lxd/project: Add more name checks

stgraber on Github lxc-bot at linuxcontainers.org
Wed Jul 1 19:09:15 UTC 2020 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 370 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200701/99abf2da/attachment.bin>
-------------- next part --------------
From e1edf577e4e1a76750233d166fcec137d4fd5d27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Wed, 1 Jul 2020 15:08:43 -0400
Subject: [PATCH] lxd/project: Add more name checks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #7604

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/api_project.go | 46 ++++++++++++++++++++++++++++++++--------------
 1 file changed, 32 insertions(+), 14 deletions(-)

diff --git a/lxd/api_project.go b/lxd/api_project.go
index 38491e9775..5a95f71ab5 100644
--- a/lxd/api_project.go
+++ b/lxd/api_project.go
@@ -112,20 +112,9 @@ func projectsPost(d *Daemon, r *http.Request) response.Response {
 	}
 
 	// Sanity checks
-	if project.Name == "" {
-		return response.BadRequest(fmt.Errorf("No name provided"))
-	}
-
-	if strings.Contains(project.Name, "/") {
-		return response.BadRequest(fmt.Errorf("Project names may not contain slashes"))
-	}
-
-	if project.Name == "*" {
-		return response.BadRequest(fmt.Errorf("Reserved project name"))
-	}
-
-	if shared.StringInSlice(project.Name, []string{".", ".."}) {
-		return response.BadRequest(fmt.Errorf("Invalid project name '%s'", project.Name))
+	err = projectValidateName(project.Name)
+	if err != nil {
+		return response.BadRequest(err)
 	}
 
 	// Validate the configuration
@@ -442,6 +431,11 @@ func projectPost(d *Daemon, r *http.Request) response.Response {
 				return errors.Wrapf(err, "Fetch project id %q", name)
 			}
 
+			err = projectValidateName(name)
+			if err != nil {
+				return err
+			}
+
 			return tx.RenameProject(name, req.Name)
 		})
 		if err != nil {
@@ -576,3 +570,27 @@ func projectValidateConfig(config map[string]string) error {
 
 	return nil
 }
+
+func projectValidateName(name string) error {
+	if name == "" {
+		return fmt.Errorf("No name provided")
+	}
+
+	if strings.Contains(name, "/") {
+		return fmt.Errorf("Project names may not contain slashes")
+	}
+
+	if strings.Contains(name, " ") {
+		return fmt.Errorf("Project names may not contain spaces")
+	}
+
+	if name == "*" {
+		return fmt.Errorf("Reserved project name")
+	}
+
+	if shared.StringInSlice(name, []string{".", ".."}) {
+		return fmt.Errorf("Invalid project name '%s'", name)
+	}
+
+	return nil
+}

More information about the lxc-devel mailing list