Bug 1515193 - pcs should not allow {}\n\r characters in corosync.conf values
Summary: pcs should not allow {}\n\r characters in corosync.conf values
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pcs
Version: 7.5
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Tomas Jelinek
QA Contact: cluster-qe@redhat.com
Depends On:
TreeView+ depends on / blocked
Reported: 2017-11-20 11:23 UTC by Tomas Jelinek
Modified: 2020-04-30 22:18 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1551663 1679196 (view as bug list)
Last Closed:
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Bugzilla 1551663 None ON_QA Pcs should check for non-valid characters in corosync.conf keynames 2019-10-30 07:59:12 UTC

Internal Links: 1551663

Description Tomas Jelinek 2017-11-20 11:23:09 UTC
From bz1389209 comment 33:
$ pcs quorum device update model \
  "host=$(printf \
    "localhost\n}\nheuristics {\nexec_bar: /usr/bin/sh -c 'echo reboot>>/root/.profile||:'\n")"

Need to check with corosync parser which characters should be disallowed.

Comment 1 Jan Pokorný [poki] 2017-11-20 14:55:19 UTC
This is rather urgent for reasons in [bug 1389209 comment 35].

And rather than being matter of corosync parser, it's a general
deficiency in checking the inputs (possibly from less-privileged
sources, depending on the exact use case) to compose the resulting
corosync.conf from, as currently the precooked configuration
snippets may be injected in "plain unlimited string"-evaluated

Comment 2 Tomas Jelinek 2017-11-20 15:25:37 UTC
- { anywhere in a line means start of a section -> disallowed
- } anywhere in a line means end of a section -> disallowed
- \n and \r starts a new line which could be used to set its own key-value or section -> disallowed
- : is allowed, as only the first : in a line matters
- # is allowed, as the # only matters when it is the first character in a line (not considering whitespace)
- there is no escaping available

Note You need to log in before you can comment on or make changes to this bug.