Qubes/core-admin-client
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qvm-template-postprocess: improve data validation

Browse Source 
- validate if IP has correct syntax
- print warning if value is invalid

QubesOS/qubes-issues#2534
This commit is contained in:
Marek Marczykowski-Górecki 2021-01-29 23:05:06 +01:00
parent b2e4d0ee34
commit febf014d14
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
qubesadmin/tools/qvm_template_postprocess.py
View File

@ -232,6 +232,12 @@ def call_postinstall_service(vm):
finally: finally:
vm.netvm = qubesadmin.DEFAULT vm.netvm = qubesadmin.DEFAULT
def validate_ip(ip):
"""Check if given string has a valid IP address syntax"""
try:
return all(0 <= int(part) <= 255 for part in ip.split('.', 3))
except ValueError:
return False
@asyncio.coroutine @asyncio.coroutine
def post_install(args): def post_install(args):
@ -301,7 +307,11 @@ def post_install(args):
'net.fake-gateway', 'net.fake-gateway',
'net.fake-netmask'): 'net.fake-netmask'):
if key in conf: if key in conf:
vm.features[key] = conf[key] if validate_ip(conf[key]):
vm.features[key] = conf[key]
else:
vm.log.warning(
'ignoring invalid value for \'%s\'', key)
if 'virt-mode' in conf: if 'virt-mode' in conf:
if conf['virt-mode'] == 'pv' and args.allow_pv: if conf['virt-mode'] == 'pv' and args.allow_pv:
vm.virt_mode = 'pv' vm.virt_mode = 'pv'
@ -310,6 +320,8 @@ def post_install(args):
'--allow-pv not set, ignoring request to change virt-mode') '--allow-pv not set, ignoring request to change virt-mode')
elif conf['virt-mode'] in ('pvh', 'hvm'): elif conf['virt-mode'] in ('pvh', 'hvm'):
vm.virt_mode = conf['virt-mode'] vm.virt_mode = conf['virt-mode']
else:
vm.log.warning('ignoring invalid value for virt-mode')
if 'kernel' in conf: if 'kernel' in conf:
if conf['kernel'] == '': if conf['kernel'] == '':