1. Patchew
  2. Libvirt
  3. [PATCH 00/14] virsh: Completion improvements and checking tool
  4. View patch

[PATCH 04/14] vshCmddefCheckInternals: Sanitize command alias validation

Peter Krempa posted 14 patches 4 years, 4 months ago
[PATCH 04/14] vshCmddefCheckInternals: Sanitize command alias validation
Posted by Peter Krempa 4 years, 4 months ago 
We don't need to validate the real command twice, but it's better to
check that the real command name exists and it's not an alias to prevent
loops.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 tools/vsh.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/tools/vsh.c b/tools/vsh.c
index eb17a58dc0..05da50eace 100644
--- a/tools/vsh.c
+++ b/tools/vsh.c
@@ -269,11 +269,27 @@ vshCmddefCheckInternals(vshControl *ctl,

     /* in order to perform the validation resolve the alias first */
     if (cmd->flags & VSH_CMD_FLAG_ALIAS) {
+        const vshCmdDef *alias;
+
         if (!cmd->alias) {
             vshError(ctl, _("command '%s' has inconsistent alias"), cmd->name);
             return -1;
         }
-        cmd = vshCmddefSearch(cmd->alias);
+
+        if (!(alias = vshCmddefSearch(cmd->alias))) {
+            vshError(ctl, _("command alias '%s' is pointing to a non-existant command '%s'"),
+                     cmd->name, cmd->alias);
+            return -1;
+        }
+
+        if (alias->flags & VSH_CMD_FLAG_ALIAS) {
+            vshError(ctl, _("command alias '%s' is pointing to another command alias '%s'"),
+                     cmd->name, cmd->alias);
+            return -1;
+        }
+
+        /* we don't need to continue as the real command will be checked separately */
+        return 0;
     }

     /* Each command has to provide a non-empty help string. */
-- 
2.31.1

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.