On Tue, Nov 10, 2015 at 02:45:05PM -0800, Gurucharan Shetty wrote:
> > In the Python code, I wonder whether there are any concerns about
> > malicious input.  I mean, what if someone names a subnet "--
> > emer-reset", for example (or similar)?  Would that delete basically the
> > whole OVS database?  Or does everything show up as a UUID and therefore
> > make it safe?  I didn't investigate enough to figure that out.
> 
> Thanks for the above warning. Though one could not send malicious
> input via docker api (as they check for the validity there), one
> could still send a TCP request directly to the driver to carefully
> insert " -- $database_command --" as arguments for ovs-vsctl and
> ovn-nbctl commands. To handle that I was thinking of doing something
> like this:
> 
> 
> +def vet_inputs(*args):
> +    for arg in args:
> +        if arg.find(" -- ") != -1:
> +            raise RuntimeError("Input contains invalid characters")
> +
> 
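Review bot: In vet_inputs, the test `arg.find(" -- ") != -1` matches only a double dash with exactly one space on each side, so a value that begins or ends with "--", or that contains any other whitespace, still changes the argument list once the formatted command string is split. The call also raises AttributeError instead of the intended RuntimeError if an argument is not a string (None, for example). Suggest passing each value as its own argv element rather than filtering; if a filter stays, reject any whitespace and a leading "-", and name the refused argument in the error message, which currently says "invalid characters" although the test is for a substring.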
>      try:
> +        vet_inputs(network, subnet, gateway_ip)
>          ovn_nbctl("lswitch-add %s -- set Logical_Switch %s "
>                    "external_ids:subnet=%s external_ids:gateway_ip=%s"
>                    % (network, network, subnet, gateway_ip))
> 
> 
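Review bot: At the lswitch-add call site, vet_inputs has to be repeated by hand before every ovn_nbctl and ovs_vsctl call while the values are still interpolated with % into one command string, so a single forgotten call reopens the problem. Suggest moving the protection into ovn_nbctl and ovs_vsctl themselves, for instance by having them accept a list of arguments, so that callers cannot skip it. The new call also sits inside the try block, so its RuntimeError is handled by whatever except clause follows; check that this path returns a clear error to the client.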
> And everywhere else where we pass the user input to ovn_nbctl or
> ovs_vsctl calls.
> What do you think?

I was expecting something more like:

    ovn_nbctl("lswitch-add", network, "--", "set", "Logical_Switch",
              network, "external_ids:subnet=" + subnet,
              "external_ids:gateway_ip=" + gateway_ip)

and then change ovn_nbctl to take argv instead of a string to break up.
Is that difficult?
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
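The two approaches discussed in this thread, side by side, as an added example that is not code from the thread or from the OVS tree. It assumes the string form is split with `shlex.split()` (the thread only says the string is broken up); `check_positional` and the `runner` parameter are hypothetical additions, and the sample values are constructed.

```python
import shlex
import subprocess


def argv_from_string(network, subnet, gateway_ip):
    """Quoted patch's pattern: format one string, then break it up.
    shlex.split() stands in for the splitting step (assumption)."""
    cmd = ("lswitch-add %s -- set Logical_Switch %s "
           "external_ids:subnet=%s external_ids:gateway_ip=%s"
           % (network, network, subnet, gateway_ip))
    return shlex.split(cmd)


def check_positional(value):
    """Hypothetical extra check: a value that is a whole argv element
    must not be empty or start with "-" (option or "--" separator)."""
    if not value or value.startswith("-"):
        raise ValueError("unsafe positional argument: %r" % (value,))
    return value


def argv_from_list(network, subnet, gateway_ip):
    """Reply's pattern: each value stays inside exactly one argv element."""
    network = check_positional(network)
    return ["lswitch-add", network, "--", "set", "Logical_Switch", network,
            "external_ids:subnet=" + subnet,
            "external_ids:gateway_ip=" + gateway_ip]


def ovn_nbctl(*args, runner=subprocess.check_output):
    """Run ovn-nbctl with an argv list; no shell, no re-splitting."""
    return runner(["ovn-nbctl"] + list(args))


if __name__ == "__main__":
    # Constructed input, based on the subnet name raised in the thread.
    subnet = "192.168.1.0/24 -- emer-reset"
    print(argv_from_string("net1", subnet, "192.168.1.1"))
    print(argv_from_list("net1", subnet, "192.168.1.1"))
```

With the list form the subnet text cannot add arguments because it is concatenated onto a key, but `network` is passed as an element of its own, which is why the added check refuses a leading "-" there.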