[pve-devel] [PATCH container] improve mountpoint parsing
Wolfgang Bumiller
w.bumiller at proxmox.com
Thu Feb 4 13:03:17 CET 2016
On Thu, Feb 04, 2016 at 11:36:41AM +0100, Dominik Csapak wrote:
> currently we sanitize mountpoints with sanitize_mountpoint, which
> tries to remove dots, double-dots and multiple slashes, but it does it
> not correctly (e.g. /test/././ gets truncated to /test./ )
>
> instead of trying to truncate the path, we create a format for mp strings
> which throws an error if /./ or /../ exist (also /. and /.. at the end)
> since there should be no valid use for these in mountpoint paths anyway
>
> with the new behaviour, we don't need sanitize_mountpoint anymore
>
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
> src/PVE/LXC.pm | 33 ++++++++++++++++-----------------
> 1 file changed, 16 insertions(+), 17 deletions(-)
>
> diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
> index f761f33..2b52a63 100644
> --- a/src/PVE/LXC.pm
> +++ b/src/PVE/LXC.pm
> @@ -38,6 +38,7 @@ my $rootfs_desc = {
> volume => {
> type => 'string',
> default_key => 1,
> + format => 'pve-lxc-mp-string',
> format_description => 'volume',
> description => 'Volume, device or directory to mount into the container.',
> },
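Review bot: On the volume key, format => 'pve-lxc-mp-string' applies the path check to every volume value, while the code this patch removes only sanitized volume when it matched m|^/|. The description says the value can be a volume, a device or a directory, so either restrict the check to values starting with '/' or state in the commit message that the wider check is intended. The format name also reads as mountpoint-only; a more general name would fit its use on both keys.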
> @@ -367,10 +368,25 @@ for (my $i = 0; $i < $MAX_LXC_NETWORKS; $i++) {
> };
> }
>
> +PVE::JSONSchema::register_format('pve-lxc-mp-string', \&pve_lxc_mp_string);
> +sub pve_lxc_mp_string{
Please prefix the name with 'verify_' (we only left out the prefix when
the format was a json-schema hash, otherwise we use verify_* pretty much
everywhere).
> + my ($mp, $noerr) = @_;
> +
> + # do not allow /./ or /../ in path
> + # also do not allow /. or /.. at the end of the path
> + if($mp =~ m@/\.(\.)?/@ ||
> + $mp =~ m@/\.(\.)?$@){
The parentheses around the second dot aren't needed, the '?' will
attach to only one element right before it.
We should also forbid '../' at the beginning.
> + return undef if $noerr;
> + die "$mp contains illegal character sequences\n";
> + }
> + return $mp;
> +}
> +
> my $mp_desc = {
> %$rootfs_desc,
> mp => {
> type => 'string',
> + format => 'pve-lxc-mp-string',
> format_description => 'Path',
> description => 'Path to the mountpoint as seen from inside the container.',
> },
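Review bot: Both patterns in pve_lxc_mp_string require a '/' in front of the dots, so a value without a leading slash such as '.', '..', './a' or '../a' is accepted. Anchoring the alternative at the start as well, for example m@(?:^|/)\.\.?(?:/|$)@, covers the leading, inner and trailing cases in one expression. The die message says "illegal character sequences" without naming them; mentioning '.' and '..' path components would tell the user what to fix.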
> @@ -2024,18 +2040,6 @@ sub mountpoint_names {
> return $reverse ? reverse @names : @names;
> }
>
> -# The container might have *different* symlinks than the host. realpath/abs_path
> -# use the actual filesystem to resolve links.
> -sub sanitize_mountpoint {
> - my ($mp) = @_;
> - $mp = '/' . $mp; # we always start with a slash
> - $mp =~ s@/{2,}@/@g; # collapse sequences of slashes
> - $mp =~ s@/\./@@g; # collapse /./
> - $mp =~ s@/\.(/)?$@$1@; # collapse a trailing /. or /./
> - $mp =~ s@(.*)/[^/]+/\.\./@$1/@g; # collapse /../ without regard for symlinks
> - $mp =~ s@/\.\.(/)?$@$1@; # collapse trailing /.. or /../ disregarding symlinks
> - return $mp;
> -}
>
> sub foreach_mountpoint_full {
> my ($conf, $reverse, $func) = @_;
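Review bot: The comment removed together with sanitize_mountpoint ("The container might have *different* symlinks than the host. realpath/abs_path use the actual filesystem to resolve links.") is the reason these paths are handled as plain strings, and it still applies to the new check. Consider keeping it above the new format function so the rationale for rejecting dot components instead of resolving them is not lost.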
> @@ -2046,11 +2050,6 @@ sub foreach_mountpoint_full {
> my $mountpoint = $key eq 'rootfs' ? parse_ct_rootfs($value, 1) : parse_ct_mountpoint($value, 1);
> next if !defined($mountpoint);
>
> - $mountpoint->{mp} = sanitize_mountpoint($mountpoint->{mp});
> -
> - my $path = $mountpoint->{volume};
> - $mountpoint->{volume} = sanitize_mountpoint($path) if $path =~ m|^/|;
> -
> &$func($key, $mountpoint);
> }
> }
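Review bot: Dropping the sanitize_mountpoint calls in foreach_mountpoint_full also drops the two normalisations that were not about dots: prepending a leading '/' and collapsing repeated slashes. The new format rejects neither, so $func can now receive an mp such as 'a//b' unchanged. Either reject a missing leading slash and repeated slashes in the format as well, or keep that part of the normalisation here.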
> --
> 2.1.4