From 5af5b5324cfc096ff80e96b06b3eb4d6f03307a3 Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Fri, 14 Oct 2011 10:17:41 -0700 Subject: [PATCH] bridge: Forbid '/' in bridge names to prevent arbitrary directory access. --- vswitchd/bridge.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c index 186f2501..4e2833e0 100644 --- a/vswitchd/bridge.c +++ b/vswitchd/bridge.c @@ -739,9 +739,16 @@ add_del_bridges(const struct ovsrec_open_vswitch *cfg) /* Collect new bridges' names and types. */ shash_init(&new_br); for (i = 0; i < cfg->n_bridges; i++) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); const struct ovsrec_bridge *br_cfg = cfg->bridges[i]; - if (!shash_add_once(&new_br, br_cfg->name, br_cfg)) { - VLOG_WARN("bridge %s specified twice", br_cfg->name); + + if (strchr(br_cfg->name, '/')) { + /* Prevent remote ovsdb-server users from accessing arbitrary + * directories, e.g. consider a bridge named "../../../etc/". */ + VLOG_WARN_RL(&rl, "ignoring bridge with invalid name \"%s\"", + br_cfg->name); + } else if (!shash_add_once(&new_br, br_cfg->name, br_cfg)) { + VLOG_WARN_RL(&rl, "bridge %s specified twice", br_cfg->name); } } -- 2.30.2