From d95b42df16b8640f48c7b82b1ea207c3dd46df39 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Tue, 23 Feb 2021 14:57:06 +0100 Subject: [PATCH] Validate network related features values Validate the syntax of net.fake-* features values. While improper values currently would lead "only" to lack of network connectivity for a VM, the scripts handling those may assume they are properly formatted already. Furthermore, this gives better error reporting to the user. --- qubes/vm/mix/net.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/qubes/vm/mix/net.py b/qubes/vm/mix/net.py index baa8732b..a7caee31 100644 --- a/qubes/vm/mix/net.py +++ b/qubes/vm/mix/net.py @@ -499,6 +499,30 @@ class NetVMMixin(qubes.events.Emitter): vm.fire_event( 'property-reset:visible_gateway6', name='visible_gateway6') + @qubes.events.handler('feature-pre-set:net.fake-ip') + def on_feature_pre_set_net_fake_ip(self, event, name, newvalue, + oldvalue=None): + # pylint: disable=unused-argument,no-self-use + # format validation + ipaddress.IPv4Address(newvalue) + + @qubes.events.handler('feature-pre-set:net.fake-gateway') + def on_feature_pre_set_net_fake_gw(self, event, name, newvalue, + oldvalue=None): + # pylint: disable=unused-argument,no-self-use + # format validation + ipaddress.IPv4Address(newvalue) + + @qubes.events.handler('feature-pre-set:net.fake-netmask') + def on_feature_pre_set_net_fake_nm(self, event, name, newvalue, + oldvalue=None): + # pylint: disable=unused-argument,no-self-use + # format validation + if not newvalue.isdigit(): + ipaddress.IPv4Address(newvalue) + elif not 0 <= int(newvalue) <= 24: + raise qubes.exc.QubesValueError('Invalid netmask value') + @qubes.events.handler('feature-set:net.fake-ip') def on_feature_set_net_fake_ip(self, event, name, newvalue, oldvalue=None): # pylint: disable=unused-argument