[pve-devel] [PATCH access-control] schema: disallow '0' as a pool name

Fiona Ebner f.ebner at proxmox.com
Wed May 21 14:15:10 CEST 2025


A pool with ID '0' can be added, but not parsed, because it will
evaluate to false in parse_user_config():

> if (!verify_poolname($pool, 1)) {
>     warn "user config - ignore pool '$pool' - invalid characters in pool name\n";
>     next;
> }

It's likely that it would cause other issues as well if properly
handled there, so prohibit it in the schema.

Signed-off-by: Fiona Ebner <f.ebner at proxmox.com>
---
 src/PVE/AccessControl.pm | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index 1c79656..224aeee 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1327,6 +1327,11 @@ sub verify_poolname {
 	return undef;
     }
 
+    if ($poolname eq '0') {
+	die "invalid pool name '$poolname'\n" if !$noerr;
+	return undef;
+    }
+
     # also adapt check_path above if changed!
     if ($poolname !~ m!^[A-Za-z0-9\.\-_]+(?:/[A-Za-z0-9\.\-_]+){0,2}$!) {
 	die "pool name '$poolname' contains invalid characters\n" if !$noerr;
-- 
2.39.5





More information about the pve-devel mailing list