Bug 818064 - network: reject newline characters in <name>
network: reject newline characters in <name>
Status: CLOSED NEXTRELEASE
Product: Virtualization Tools
Classification: Community
Component: libvirt (Show other bugs)
unspecified
x86_64 Linux
unspecified Severity unspecified
: ---
: ---
Assigned To: Michal Privoznik
LibvirtFirstBug
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-02 02:55 EDT by xingxing
Modified: 2016-10-20 07:16 EDT (History)
14 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-10-20 07:16:58 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description xingxing 2012-05-02 02:55:15 EDT
Description of problem:
net-define command does not work correctly with customise network xml file

Version-Release number of selected component (if applicable):
Version     : 0.9.4 

How reproducible:
create a customise network xml like:
<network>
 <name>
 network2
 </name>
 <uuid>
  bffa1437-0869-3aa5-7ea6-1f45cd38d93a
 </uuid>
 <forward mode="nat"/>
 <bridge delay="0" name="virbr5" stp="on"/>
 <mac address="52:54:00:59:47:87"/>

NB,the "name" attribute is in a newline,which cause the trouble.


  
Actual results:
when use virsh net-define network1.xml
the results would look like this:
# virsh net-list --all
Name                 State      Autostart
-----------------------------------------
default              active     yes       

  network1
         inactive   no        
network2             inactive   no        
  
see what happen? the network1 is wrong and cannot be edit.
Believe it or not, anyway, I believe. 
Expected results:
# virsh net-list --all
Name                 State      Autostart
-----------------------------------------
default              active     yes              
network1             inactive   no 

Additional info:
the complete network xml file:

<?xml version="1.0" ?>
<network>
 <name>
network2
</name>
 <uuid>
  bffa1437-0869-3aa5-7ea6-1f45cd38d93a
 </uuid>
 <forward mode="nat"/>
 <bridge delay="0" name="virbr5" stp="on"/>
 <mac address="52:54:00:59:47:87"/>
 <ip address="125.65.112.51" netmask="255.255.255.0">
   <dhcp>
     <range start='192.168.1.128' end='192.168.1.254' />
   </dhcp>
 </ip>
</network>
Comment 1 Jiri Denemark 2012-05-02 05:13:09 EDT
The network element is actually invalid:

Relax-NG validity error : Extra element uuid in interleave
/dev/stdin:6: element uuid: Relax-NG validity error : Element network failed to validate content
/dev/stdin fails to validate

That's because the schema does not allow spaces or new lines inside <uuid>. However, libvirt knows it expects UUID and ignore those extra spaces and new lines when parsing it.

On the other hand, <name> has no strict structure inside and libvirt cannot just blindly discard any characters from the name. Everything within <name></name> is the name of the network. Thus, your XML creates a network called
"
network2
"

virsh net-edit network2 obviously doesn't work because there's no network of that name. However, using the correct name would work. For example:

$ virsh net-dumpxml '
  test2
'
<network>
  <name>
  test2
</name>
  <uuid>e2a81d31-73f8-9795-0173-14292aa8643a</uuid>
  <forward mode='nat'/>
  <bridge name='virbr3' stp='on' delay='0' />
  <mac address='52:54:00:70:EF:67'/>
  <ip address='10.20.31.1' netmask='255.255.255.0'>
  </ip>
</network>
Comment 2 Daniel Berrange 2012-05-02 05:27:29 EDT
The RNG schema doesn't restrict use of \n in the <name> since it is possible some hypervisors might allow it. The driver impls we do ourselves though, really ought to have a code check to forbid newlines.
Comment 3 xingxing 2012-05-02 11:29:11 EDT
i've found that the network has been defined with '\n' in the name,and the xml file has been saved with a strange name, but i think we should forbid newlines as it may get people confused,do something or not?
Comment 4 Cole Robinson 2012-06-07 10:22:57 EDT
Moving to F17, since rawhide bugs tend to languish
Comment 5 Cole Robinson 2012-10-20 21:05:37 EDT
This isn't that important for Fedora, so just moving to the upstream tracker.
Comment 6 Cole Robinson 2016-04-26 15:28:02 EDT
Marking as LibvirtFirstBug. We can probably just reject newlines at virNetworkDefParse time... I don't imagine anyone is actually using networks named like this in practice, given that it completely messes up virsh output.

Would also be interesting to see if domain or storage pools reject these too
Comment 7 Michal Privoznik 2016-10-09 22:56:11 EDT
There has been an attempt on the list to fix this bug:

https://www.redhat.com/archives/libvir-list/2016-October/msg00368.html
Comment 8 Michal Privoznik 2016-10-20 07:16:58 EDT
I've just pushed the patches upstream:

commit dc40dd605800c560dec6ec73b7bbd922666e5d73
Author:     Sławek Kapłoński <slawek@kaplonski.pl>
AuthorDate: Wed Oct 19 22:57:48 2016 +0200
Commit:     Michal Privoznik <mprivozn@redhat.com>
CommitDate: Thu Oct 20 19:10:42 2016 +0800

    networkValidate: Forbid new-line char in network name
    
    New line character in name of network is now forbidden because it
    mess virsh output and can be confusing for users.  Validation of
    name is done in network driver, after parsing XML to avoid
    problems with disappeared network which was already created with
    new-line char in name.
    
    Closes-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=818064
    Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

commit e1b8196866c2c70bc7303ee69561e7f52edb8460
Author:     Sławek Kapłoński <slawek@kaplonski.pl>
AuthorDate: Wed Oct 19 22:57:47 2016 +0200
Commit:     Michal Privoznik <mprivozn@redhat.com>
CommitDate: Thu Oct 20 19:09:14 2016 +0800

    network: Use new util function to check name
    
    New util function virXMLCheckIllegalChars is now used to test if
    parsed network contains illegal char '/' in it's name.
    
    Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

commit 7a2216460f8a67c305364d69d33847a3b845e708
Author:     Sławek Kapłoński <slawek@kaplonski.pl>
AuthorDate: Wed Oct 19 22:57:46 2016 +0200
Commit:     Michal Privoznik <mprivozn@redhat.com>
CommitDate: Thu Oct 20 18:49:22 2016 +0800

    virxml: Add function to check if string contains some illegal chars
    
    This new function can be used to check if e.g. name of XML
    node don't contains forbidden chars like "/" or "\n".
    
    Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

v2.3.0-150-gdc40dd6

Note You need to log in before you can comment on or make changes to this bug.