From mboxrd@z Thu Jan  1 00:00:00 1970
From: Kamala Narasimhan <kamala.narasimhan@gmail.com>
Subject: Re: [PATCH] xl: Perform minimal validation of virtual
	disk file while parsing config file
Date: Thu, 20 Jan 2011 16:14:57 -0500
Message-ID: <AANLkTi=1b+amdCA4A3AKxAnR6C65xv2+O3BNbGsp-T7i@mail.gmail.com>
References: <AANLkTimSUym0u+SNm0AvNp3AZQQFspetAaXmNShkPJd4@mail.gmail.com>
	<1294995912.8240.86.camel@zakaz.uk.xensource.com>
	<AANLkTikfUHHc+-gVkgnRJc722wObLF3TumpK5WSfJVAE@mail.gmail.com>
	<1295024348.12018.222.camel@qabil.uk.xensource.com>
	<AANLkTikf3TVJwE_N-OyuS-UhyA8+cgzAG__9hz3AETeM@mail.gmail.com>
	<AANLkTinJ=PYsC6vbPvU8g2T8NmyohLa=4rd9zfhTMCCO@mail.gmail.com>
	<AANLkTin1AGxH26158mn37_Oar1PgSSJoJOnGHs+XnxsV@mail.gmail.com>
	<1295532296.12018.337.camel@qabil.uk.xensource.com>
	<19768.22912.878633.622270@mariner.uk.xensource.com>
	<AANLkTinnrmAxaOVu1fN2qt4N2t-EzpF31sKE-Jpn-y2f@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <AANLkTinnrmAxaOVu1fN2qt4N2t-EzpF31sKE-Jpn-y2f@mail.gmail.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: Ian Campbell <Ian.Campbell@eu.citrix.com>, "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>, Gianni Tedesco <gianni.tedesco@citrix.com>, Stefano Stabellini <stefano.stabellini@eu.citrix.com>
List-Id: xen-devel@lists.xenproject.org

Here is a revised patch.  Please let me know if there are further suggestions.

Signed-off-by: Kamala Narasimhan <kamala.narasimhan@citrix.com>

Kamala

diff -r fe8a177ae9cb tools/libxl/libxl.c
--- a/tools/libxl/libxl.c       Wed Jan 19 15:29:04 2011 +0000
+++ b/tools/libxl/libxl.c       Thu Jan 20 16:09:42 2011 -0500
@@ -826,6 +826,38 @@ skip_autopass:

 /******************************************************************************/

+static int validate_virtual_disk(libxl_ctx *ctx, char *file_name,
libxl_disk_phystype disk_type)
+{
+    struct stat stat_buf;
+
+    assert(file_name);
+
+    /* Return without further validation for empty cdrom drive.
+       Note: Post 4.1 we need to change the interface to handle empty
+       cdrom rather than go with the below assumption.
+     */
+    if ( (strlen(file_name) == 0) && (disk_type == PHYSTYPE_PHY) )
+        return 0;
+
+    if ( stat(file_name, &stat_buf) != 0 ) {
+        LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "Stat on virtual disk %s
returned error - \"%s\".\n",
+            file_name, strerror(errno));
+        return ERROR_INVAL;
+    }
+    if ( disk_type == PHYSTYPE_PHY ) {
+        if ( !(S_ISBLK(stat_buf.st_mode)) ) {
+            LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "Virtual disk %s is not
a block device!\n",
+                file_name);
+            return ERROR_INVAL;
+        }
+    } else if ( stat_buf.st_size == 0 ) {
+        LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "Virtual disk %s size is
0!\n", file_name);
+        return ERROR_INVAL;
+    }
+
+    return 0;
+}
+
 int libxl_device_disk_add(libxl_ctx *ctx, uint32_t domid,
libxl_device_disk *disk)
 {
     libxl__gc gc = LIBXL_INIT_GC(ctx);
@@ -835,6 +867,10 @@ int libxl_device_disk_add(libxl_ctx *ctx
     int devid;
     libxl__device device;
     int major, minor, rc;
+
+    rc = validate_virtual_disk(ctx, disk->physpath, disk->phystype);
+    if ( rc != 0 )
+        return rc;

     front = flexarray_make(16, 1);
     if (!front) {