From nobody Wed Nov 27 07:51:15 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1700221615; cv=none; d=zohomail.com; s=zohoarc; b=Y4XMqy1xucEHzyrfy13LBNB1KJxjrjR70wPzpc//PCI24MBnJalxcc5zILvEpIge6hpZ1N41DS//jC35KYwEiy5ne6oubdBLTO+noYS8EFL0KtllknIlx4Kqyy1MxoQEExjt2oyX8HZCKQx14/xe2slIlVvzPe/g909H/Muqeb0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1700221615; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=hUx1Y+YVOHfY8FYP0ISfdbkREh46U4FT600eIjFdKdw=; b=n0hDUNpTiY7VrGPMTedCMTkYjKgW8UdSvSozM5MW6zEc/y+Wv9iDugaNKm4MstJwRWsmOEaWCaQS/BsYehvcATfbR/wN8ZHZdfYMoQe/xm+YImalBKUJ+BK2MdFT+3xSbwW9DZ+LqkvJNOO0W5kd8z+wl1jQDy1P5B1njrzIuBg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1700221615710655.0926645638859; Fri, 17 Nov 2023 03:46:55 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1r3xIa-0005O2-TB; Fri, 17 Nov 2023 06:46:12 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r3xIS-0005Hi-T9 for qemu-devel@nongnu.org; Fri, 17 Nov 2023 06:46:06 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r3xIQ-0005mW-RX for qemu-devel@nongnu.org; Fri, 17 Nov 2023 06:46:04 -0500 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-592-Yph25XrQNmugToWN8d9wZA-1; Fri, 17 Nov 2023 06:45:58 -0500 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 14BB61C06361; Fri, 17 Nov 2023 11:45:58 +0000 (UTC) Received: from thuth-p1g4.redhat.com (unknown [10.39.194.124]) by smtp.corp.redhat.com (Postfix) with ESMTP id E927F5028; Fri, 17 Nov 2023 11:45:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1700221561; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=hUx1Y+YVOHfY8FYP0ISfdbkREh46U4FT600eIjFdKdw=; b=ejQaXtyBP1F6tJDnqmy5oHt3/PtGpW0YItOdePDCD0oa0mmD+Wr4ipG+9/8RahVF/Xsn++ DHgWgNvs/9npZ2XlmHIxQVpu6pLneVQlN4gHfqpXpzMnTujMdUWmjAuGo3U7I0Q8LtIec/ 9pu4+tO+ULH1TvHCv2JlLz0U06T/Kh0= X-MC-Unique: Yph25XrQNmugToWN8d9wZA-1 From: Thomas Huth To: qemu-devel@nongnu.org, =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , Markus Armbruster Cc: Alistair Francis , "Edgar E. Iglesias" , Peter Maydell , Paolo Bonzini , Peter Xu , David Hildenbrand , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Francisco Iglesias , Eduardo Habkost , Thomas Huth Subject: [PATCH v3 5/5] qom/object: Limit type names to alphanumerical and some few special characters Date: Fri, 17 Nov 2023 12:44:57 +0100 Message-ID: <20231117114457.177308-6-thuth@redhat.com> In-Reply-To: <20231117114457.177308-1-thuth@redhat.com> References: <20231117114457.177308-1-thuth@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=thuth@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -21 X-Spam_score: -2.2 X-Spam_bar: -- X-Spam_report: (-2.2 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.117, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1700221616969100006 Content-Type: text/plain; charset="utf-8" QOM names currently don't have any enforced naming rules. This can be problematic, e.g. when they are used on the command line for the "-device" option (where the comma is used to separate properties). To avoid that such problematic type names come in again, let's restrict the set of acceptable characters during the type registration. Ideally, we'd apply here the same rules as for QAPI, i.e. all type names should begin with a letter, and contain only ASCII letters, digits, hyphen, and underscore. However, we already have so many pre-existing types like: 486-x86_64-cpu cfi.pflash01 power5+_v2.1-spapr-cpu-core virt-2.6-machine pc-i440fx-3.0-machine ... so that we have to allow "." and "+" for now, too. While the dot is used in a lot of places, the "+" can fortunately be limited to two classes of legacy names ("power" and "Sun-UltraSparc" CPUs). We also cannot enforce the rule that names must start with a letter yet, since there are lot of types that start with a digit. Still, at least limiting the first characters to the alphanumerical range should be way better than nothing. Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis Reviewed-by: Philippe Mathieu-Daud=C3=A9 --- qom/object.c | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/qom/object.c b/qom/object.c index 95c0dc8285..654e1afaf2 100644 --- a/qom/object.c +++ b/qom/object.c @@ -138,9 +138,50 @@ static TypeImpl *type_new(const TypeInfo *info) return ti; } =20 +static bool type_name_is_valid(const char *name) +{ + const int slen =3D strlen(name); + int plen; + + g_assert(slen > 1); + + /* + * Ideally, the name should start with a letter - however, we've got + * too many names starting with a digit already, so allow digits here, + * too (except '0' which is not used yet) + */ + if (!g_ascii_isalnum(name[0]) || name[0] =3D=3D '0') { + return false; + } + + plen =3D strspn(name, "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "0123456789-_."); + + /* Allow some legacy names with '+' in it for compatibility reasons */ + if (name[plen] =3D=3D '+') { + if (plen =3D=3D 6 && g_str_has_prefix(name, "power")) { + /* Allow "power5+" and "power7+" CPU names*/ + return true; + } + if (plen >=3D 17 && g_str_has_prefix(name, "Sun-UltraSparc-I")) { + /* Allow "Sun-UltraSparc-IV+" and "Sun-UltraSparc-IIIi+" */ + return true; + } + } + + return plen =3D=3D slen; +} + static TypeImpl *type_register_internal(const TypeInfo *info) { TypeImpl *ti; + + if (!type_name_is_valid(info->name)) { + fprintf(stderr, "Registering '%s' with illegal type name\n", info-= >name); + abort(); + } + ti =3D type_new(info); =20 type_table_add(ti); --=20 2.42.0