From dd78da09b03a4fb3db69e7405fa177dc39a4936d Mon Sep 17 00:00:00 2001 From: Michal Privoznik Date: Wed, 4 Jan 2017 14:24:16 +0100 Subject: [PATCH] qemuDomainCreateDevice: Be more careful about device path Again, not something that I'd hit, but there is a chance in theory that this might bite us. Currently the way we decide whether or not to create /dev entry for a device is by marching first four characters of path with "/dev". This might be not enough. Just imagine somebody has a disk image stored under "/devil/path/to/disk". We ought to be matching against "/dev/". Signed-off-by: Michal Privoznik --- src/qemu/qemu_domain.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 4eff2ef460..67e8836f3b 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -6917,6 +6917,8 @@ qemuDomainGetHostdevPath(virDomainHostdevDefPtr dev, } +#define DEVPREFIX "/dev/" + #if defined(__linux__) static int qemuDomainCreateDevice(const char *device, @@ -6927,7 +6929,7 @@ qemuDomainCreateDevice(const char *device, struct stat sb; int ret = -1; - if (!STRPREFIX(device, "/dev")) { + if (!STRPREFIX(device, DEVPREFIX)) { virReportError(VIR_ERR_INTERNAL_ERROR, _("invalid device: %s"), device); @@ -6935,7 +6937,7 @@ qemuDomainCreateDevice(const char *device, } if (virAsprintf(&devicePath, "%s/%s", - path, device + 4) < 0) + path, device + strlen(DEVPREFIX)) < 0) goto cleanup; if (stat(device, &sb) < 0) { @@ -7066,7 +7068,7 @@ qemuDomainSetupDisk(virQEMUDriverPtr driver ATTRIBUTE_UNUSED, for (next = disk->src; next; next = next->backingStore) { if (!next->path || !virStorageSourceIsLocalStorage(next) || - !STRPREFIX(next->path, "/dev")) { + !STRPREFIX(next->path, DEVPREFIX)) { /* Not creating device. Just continue. */ continue; } @@ -7770,7 +7772,7 @@ qemuDomainNamespaceSetupDisk(virQEMUDriverPtr driver, for (next = disk->src; next; next = next->backingStore) { if (!next->path || !virStorageSourceIsBlockLocal(disk->src) || - !STRPREFIX(next->path, "/dev")) { + !STRPREFIX(next->path, DEVPREFIX)) { /* Not creating device. Just continue. */ continue; }