From: Ram Pai <linuxram@us.ibm.com>
To: Kevin Wolf <mail@kevin-wolf.de>
Cc: Anthony Liguori <aliguori@us.ibm.com>,
qemu-devel@nongnu.org, kvm-devel <kvm@vger.kernel.org>
Subject: [Qemu-devel] [PATCH] rev3: support colon in filenames
Date: Wed, 01 Jul 2009 22:08:41 -0700 [thread overview]
Message-ID: <1246511321.6429.31.camel@localhost> (raw)
In-Reply-To: <1246063310.6278.115.camel@localhost>
Problem: It is impossible to feed filenames with the character colon because
qemu interprets such names as a protocol. For example filename scsi:0, is
interpreted as a protocol by name "scsi".
This patch allows user to escape colon characters. For example the above
filename can now be expressed either as 'scsi\:0' or as file:scsi:0
anything following the "file:" tag is interpreted verbatim. However if "file:"
tag is omitted then any colon characters in the string must be escaped using
backslash.
Here are couple of examples:
scsi\:0\:abc is a local file scsi:0:abc
http\://myweb is a local file by name http://myweb
file:scsi:0:abc is a local file scsi:0:abc
file:http://myweb is a local file by name http://myweb
fat:c:\path\to\dir\:floppy\: is a fat file by name \path\to\dir:floppy:
NOTE:The above example cannot be expressed using the "file:" protocol.
Changelog w.r.t to iteration 0:
1) removes flexibility added to nbd semantics eg -- nbd:\::9999
2) introduce the file: protocol to indicate local file
Changelog w.r.t to iteration 1:
1) generically handles 'file:' protocol in find_protocol
2) centralizes 'filename' pruning before the call to open().
3) fixes buffer overflow seen in fill_token()
4) adheres to coding style
5) patch against upstream qemu tree
Changelog w.r.t to iteration 2:
1) really really fixes buffer overflow seen in fill_token()
2) the centralized 'filename' pruning had a side effect with
qcow2 files and other files. Fixed it. _open() is back.
Signed-off-by: Ram Pai <linuxram@us.ibm.com>
block.c | 10 +----
block/raw-posix.c | 15 ++++----
block/vvfat.c | 100 ++++++++++++++++++++++++++++++++++++++++++++++++++--
cutils.c | 40 +++++++++++++++++++++
qemu-common.h | 2 +
5 files changed, 148 insertions(+), 19 deletions(-)
diff --git a/block.c b/block.c
index aca5a6d..7ad4dd9 100644
--- a/block.c
+++ b/block.c
@@ -225,7 +225,6 @@ static BlockDriver *find_protocol(const char *filename)
{
BlockDriver *drv1;
char protocol[128];
- int len;
const char *p;
#ifdef _WIN32
@@ -233,14 +232,9 @@ static BlockDriver *find_protocol(const char *filename)
is_windows_drive_prefix(filename))
return bdrv_find_format("raw");
#endif
- p = strchr(filename, ':');
- if (!p)
+ p = prune_strcpy(protocol, 128, filename, ':');
+ if (*p != ':')
return bdrv_find_format("raw");
- len = p - filename;
- if (len > sizeof(protocol) - 1)
- len = sizeof(protocol) - 1;
- memcpy(protocol, filename, len);
- protocol[len] = '\0';
for(drv1 = first_drv; drv1 != NULL; drv1 = drv1->next) {
if (drv1->protocol_name &&
!strcmp(drv1->protocol_name, protocol))
diff --git a/block/raw-posix.c b/block/raw-posix.c
index 41bfa37..8a0c0df 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -151,7 +151,7 @@ static int raw_open_common(BlockDriverState *bs, const char *filename,
s->open_flags |= O_DSYNC;
s->fd = -1;
- fd = open(filename, s->open_flags, 0644);
+ fd = _open(filename, s->open_flags, 0644);
if (fd < 0) {
ret = -errno;
if (ret == -EROFS)
@@ -844,7 +844,7 @@ static int raw_create(const char *filename, QEMUOptionParameter *options)
options++;
}
- fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY,
+ fd = _open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY,
0644);
if (fd < 0)
return -EIO;
@@ -889,6 +889,7 @@ static BlockDriver bdrv_raw = {
.bdrv_getlength = raw_getlength,
.create_options = raw_create_options,
+ .protocol_name = "file",
};
/***********************************************/
@@ -985,7 +986,7 @@ static int hdev_open(BlockDriverState *bs, const char *filename, int flags)
if ( bsdPath[ 0 ] != '\0' ) {
strcat(bsdPath,"s0");
/* some CDs don't have a partition 0 */
- fd = open(bsdPath, O_RDONLY | O_BINARY | O_LARGEFILE);
+ fd = _open(bsdPath, O_RDONLY | O_BINARY | O_LARGEFILE);
if (fd < 0) {
bsdPath[strlen(bsdPath)-1] = '1';
} else {
@@ -1037,7 +1038,7 @@ static int fd_open(BlockDriverState *bs)
#endif
return -EIO;
}
- s->fd = open(bs->filename, s->open_flags & ~O_NONBLOCK);
+ s->fd = _open(bs->filename, s->open_flags & ~O_NONBLOCK);
if (s->fd < 0) {
s->fd_error_time = qemu_get_clock(rt_clock);
s->fd_got_error = 1;
@@ -1133,7 +1134,7 @@ static int hdev_create(const char *filename, QEMUOptionParameter *options)
options++;
}
- fd = open(filename, O_WRONLY | O_BINARY);
+ fd = _open(filename, O_WRONLY | O_BINARY);
if (fd < 0)
return -EIO;
@@ -1239,7 +1240,7 @@ static int floppy_eject(BlockDriverState *bs, int eject_flag)
close(s->fd);
s->fd = -1;
}
- fd = open(bs->filename, s->open_flags | O_NONBLOCK);
+ fd = _open(bs->filename, s->open_flags | O_NONBLOCK);
if (fd >= 0) {
if (ioctl(fd, FDEJECT, 0) < 0)
perror("FDEJECT");
@@ -1399,7 +1400,7 @@ static int cdrom_reopen(BlockDriverState *bs)
*/
if (s->fd >= 0)
close(s->fd);
- fd = open(bs->filename, s->open_flags, 0644);
+ fd = _open(bs->filename, s->open_flags, 0644);
if (fd < 0) {
s->fd = -1;
return -EIO;
diff --git a/block/vvfat.c b/block/vvfat.c
index 1e37b9f..4729165 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -76,6 +76,97 @@ typedef struct array_t {
unsigned int size,next,item_size;
} array_t;
+/*
+ * prunes out all escape characters as per the following rule
+ * '\\' -> '\'
+ * '\:' -> ':'
+ * '\,' -> ','
+ * '\x' -> '\x'
+ * return a new pruned string.
+ * NOTE: remember to free that string.
+ */
+static char *escape_strdup(const char *str)
+{
+#define NORMAL 0
+#define ESCAPED 1
+ int len = strlen(str);
+ char *s = qemu_malloc(len+1);
+ char *q = s;
+ const char *p=str;
+ int state=NORMAL;
+
+ while (p < str+len) {
+ switch (state) {
+ case NORMAL:
+ switch (*p) {
+ case '\\' : state=ESCAPED; p++ ; break;
+ default: *q++=*p++; break;
+ }
+ break;
+ case ESCAPED:
+ switch (*p) {
+ case '\\' :
+ case ',' :
+ case ':':
+ break;
+
+ default: *q++='\\';break;
+ }
+ state = NORMAL;
+ *q++=*p++;
+ break;
+ }
+ }
+ *q = '\0';
+ return s;
+}
+
+/*
+ * return the index of the rightmost delimitor in the string 'str'
+ */
+static int find_rdelim(const char *str, const char delimitor)
+{
+#define NOT_FOUND 1
+#define MAY_HAVE_FOUND 2
+#define MAY_NOT_HAVE_FOUND 3
+ const char *f = str + strlen(str) -1;
+ char state = NOT_FOUND;
+ const char *loc = f;
+
+ while (f >= str) {
+ char c = *f--;
+ switch (state) {
+ case NOT_FOUND:
+ if (c == delimitor) {
+ state=MAY_HAVE_FOUND;
+ loc=f+1;
+ }
+ break;
+ case MAY_HAVE_FOUND:
+ if (c == '\\') {
+ state=MAY_NOT_HAVE_FOUND;
+ } else {
+ goto out;
+ }
+ break;
+ case MAY_NOT_HAVE_FOUND:
+ if (c == '\\') {
+ state=MAY_HAVE_FOUND;
+ } else if ( c == delimitor ) {
+ state=MAY_HAVE_FOUND;
+ loc=f+1;
+ } else {
+ state=NOT_FOUND;
+ }
+ break;
+ }
+ }
+ loc=f;
+out:
+ return (loc-str);
+}
+
+
static inline void array_init(array_t* array,unsigned int item_size)
{
array->pointer = NULL;
@@ -882,7 +973,7 @@ static int init_directories(BDRVVVFATState* s,
mapping->dir_index = 0;
mapping->info.dir.parent_mapping_index = -1;
mapping->first_mapping_index = -1;
- mapping->path = strdup(dirname);
+ mapping->path = escape_strdup(dirname);
i = strlen(mapping->path);
if (i > 0 && mapping->path[i - 1] == '/')
mapping->path[i - 1] = '\0';
@@ -1055,7 +1146,7 @@ DLOG(if (stderr == NULL) {
bs->read_only = 0;
}
- i = strrchr(dirname, ':') - dirname;
+ i = find_rdelim(dirname, ':'); /* find the rightmost unescaped colon */
assert(i >= 3);
if (dirname[i-2] == ':' && qemu_isalpha(dirname[i-1]))
/* workaround for DOS drive names */
@@ -1081,6 +1172,7 @@ DLOG(if (stderr == NULL) {
return 0;
}
+
static inline void vvfat_close_current_file(BDRVVVFATState *s)
{
if(s->current_mapping) {
@@ -1162,7 +1254,7 @@ static int open_file(BDRVVVFATState* s,mapping_t* mapping)
if(!s->current_mapping ||
strcmp(s->current_mapping->path,mapping->path)) {
/* open file */
- int fd = open(mapping->path, O_RDONLY | O_BINARY | O_LARGEFILE);
+ int fd = _open(mapping->path, O_RDONLY | O_BINARY | O_LARGEFILE);
if(fd<0)
return -1;
vvfat_close_current_file(s);
@@ -2222,7 +2314,7 @@ static int commit_one_file(BDRVVVFATState* s,
for (i = s->cluster_size; i < offset; i += s->cluster_size)
c = modified_fat_get(s, c);
- fd = open(mapping->path, O_RDWR | O_CREAT | O_BINARY, 0666);
+ fd = _open(mapping->path, O_RDWR | O_CREAT | O_BINARY, 0666);
if (fd < 0) {
fprintf(stderr, "Could not open %s... (%s, %d)\n", mapping->path,
strerror(errno), errno);
diff --git a/cutils.c b/cutils.c
index 6ea0c49..05f570b 100644
--- a/cutils.c
+++ b/cutils.c
@@ -24,6 +24,32 @@
#include "qemu-common.h"
#include "host-utils.h"
+/*
+ * copy contents of 'str' into buf until the first unescaped
+ * character 'c'. Escape character '\' is pruned off.
+ * Return pointer to the delimiting character
+ */
+const char *prune_strcpy(char *buf, int len, const char *str, const char c)
+{
+ const char *p=str;
+ char *q=buf;
+
+ len = strnlen(str, len-1);
+ while (p < str+len) {
+ if (*p == c)
+ break;
+ if (*p == '\\') {
+ p++;
+ if (*p == '\0')
+ break;
+ }
+ *q++ = *p++;
+ }
+ *q='\0';
+ return p;
+}
+
+
void pstrcpy(char *buf, int buf_size, const char *str)
{
int c;
@@ -184,3 +210,17 @@ void qemu_iovec_from_buffer(QEMUIOVector *qiov, const void *buf, size_t count)
count -= copy;
}
}
+
+int _open(const char *filename, int flags, ...)
+{
+ char myfile[PATH_MAX];
+ const char *f;
+ va_list ap;
+ va_start(ap, flags);
+
+ if (!strstart(filename, "file:", &f)) {
+ prune_strcpy(myfile, PATH_MAX, filename, '\0');
+ return open(myfile, flags, ap);
+ }
+ return open(f, flags, ap);
+}
diff --git a/qemu-common.h b/qemu-common.h
index 2dcb224..41da8b0 100644
--- a/qemu-common.h
+++ b/qemu-common.h
@@ -104,12 +104,14 @@ void qemu_get_timedate(struct tm *tm, int offset);
int qemu_timedate_diff(struct tm *tm);
/* cutils.c */
+const char *prune_strcpy(char *buf, int buf_size, const char *str, const char);
void pstrcpy(char *buf, int buf_size, const char *str);
char *pstrcat(char *buf, int buf_size, const char *s);
int strstart(const char *str, const char *val, const char **ptr);
int stristart(const char *str, const char *val, const char **ptr);
time_t mktimegm(struct tm *tm);
int qemu_fls(int i);
+int _open(const char *filename, int flags, ...);
#define qemu_isalnum(c) isalnum((unsigned char)(c))
#define qemu_isalpha(c) isalpha((unsigned char)(c))
next prev parent reply other threads:[~2009-07-02 5:08 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1245862739.6278.7.camel@localhost>
2009-06-24 17:57 ` [Qemu-devel] Re: [PATCH] support colon in filenames Ram Pai
2009-06-25 9:14 ` Kevin Wolf
2009-06-25 17:52 ` Ram Pai
2009-06-26 6:53 ` Kevin Wolf
2009-06-26 6:38 ` [Qemu-devel] rev1 " Ram Pai
2009-06-26 7:45 ` [Qemu-devel] " Kevin Wolf
2009-06-27 0:41 ` [Qemu-devel] rev2 " Ram Pai
2009-07-02 5:08 ` Ram Pai [this message]
2009-07-02 8:52 ` [Qemu-devel] [PATCH] rev3: " Kevin Wolf
2009-07-02 12:52 ` Anthony Liguori
2009-07-02 13:18 ` Kevin Wolf
2009-07-08 8:30 ` [Qemu-devel] [PATCH] rev4: " Ram Pai
2009-07-08 15:05 ` [Qemu-devel] " Jan Kiszka
2009-07-10 13:31 ` Anthony Liguori
2009-07-15 7:51 ` [Qemu-devel] [PATCH] rev5: " Ram Pai
2009-07-15 9:30 ` [Qemu-devel] " Jan Kiszka
2009-07-15 17:03 ` Ram Pai
2009-07-15 18:20 ` Jamie Lokier
2009-07-15 18:44 ` Ram Pai
2009-07-15 21:04 ` [Qemu-devel] qcow2 relative paths (was: [PATCH] rev5: support colon in filenames) Jamie Lokier
2009-07-15 21:14 ` [Qemu-devel] Re: qcow2 relative paths Jan Kiszka
2009-07-16 2:28 ` [Qemu-devel] Re: qcow2 relative paths (was: [PATCH] rev5: support colon in filenames) Ram Pai
2009-07-16 7:38 ` [Qemu-devel] Re: qcow2 relative paths Kevin Wolf
2009-07-16 7:51 ` Ram Pai
2009-07-16 7:39 ` [Qemu-devel] [PATCH] rev6: support colon in filenames Ram Pai
2009-07-17 23:17 ` [Qemu-devel] [PATCH] rev7: " Ram Pai
2009-07-21 12:42 ` [Qemu-devel] " Kevin Wolf
2009-08-06 6:27 ` Ram Pai
2009-08-06 6:47 ` [Qemu-devel] [PATCH] rev8: " Ram Pai
2009-07-15 15:04 ` [Qemu-devel] [PATCH] rev5: " Blue Swirl
2009-07-15 15:14 ` Anthony Liguori
2009-07-15 15:29 ` Blue Swirl
2009-07-15 15:40 ` Anthony Liguori
2009-07-15 16:42 ` Kevin Wolf
2009-07-15 17:47 ` Michael S. Tsirkin
2009-07-16 10:57 ` Amit Shah
2009-07-16 13:43 ` Markus Armbruster
2009-07-16 14:10 ` Anthony Liguori
2009-07-16 15:13 ` Gerd Hoffmann
2009-07-16 15:12 ` Gerd Hoffmann
2009-07-15 15:34 ` Kevin Wolf
2009-07-15 15:41 ` Anthony Liguori
2009-07-15 15:52 ` Paul Brook
2009-07-15 16:03 ` Gerd Hoffmann
2009-07-15 16:08 ` Paul Brook
2009-07-16 7:39 ` Ram Pai
2009-07-16 7:43 ` Kevin Wolf
2009-07-15 18:14 ` [Qemu-devel] [PATCH] rev3: " Jamie Lokier
2009-07-15 20:54 ` Jan Kiszka
2009-07-15 21:36 ` Jamie Lokier
2009-07-15 21:42 ` Jan Kiszka
2009-07-15 22:00 ` Jamie Lokier
2009-07-15 22:16 ` Anthony Liguori
2009-07-15 22:39 ` Jamie Lokier
2009-07-15 22:41 ` Anthony Liguori
2009-07-15 22:51 ` Jamie Lokier
2009-07-16 0:03 ` Anthony Liguori
2009-07-16 7:20 ` Jan Kiszka
2009-07-16 7:16 ` Jan Kiszka
2009-07-16 8:01 ` Kevin Wolf
2009-07-16 23:53 ` Paul Brook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1246511321.6429.31.camel@localhost \
--to=linuxram@us.ibm.com \
--cc=aliguori@us.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=mail@kevin-wolf.de \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).