diff mbox

[RFC,v2,9/9] rbd: Reject invalid authentication methods

Message ID 1490377482-13337-10-git-send-email-armbru@redhat.com
State New
Headers show

Commit Message

Markus Armbruster March 24, 2017, 5:44 p.m. UTC 
Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
 block/rbd.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Eric Blake March 24, 2017, 7:05 p.m. UTC | #1 
On 03/24/2017 12:44 PM, Markus Armbruster wrote:
> Signed-off-by: Markus Armbruster <armbru@redhat.com>
> ---
>  block/rbd.c | 7 +++++++
>  1 file changed, 7 insertions(+)
> 

In short, since we have a QAPI enum of valid types, we should verify
that all members of the list match that enum.

Reviewed-by: Eric Blake <eblake@redhat.com>
diff mbox

Patch

diff --git a/block/rbd.c b/block/rbd.c
index e962641..19fd820 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -15,6 +15,7 @@ 
 
 #include <rbd/librbd.h>
 #include "qapi/error.h"
+#include "qapi/util.h"
 #include "qemu/error-report.h"
 #include "block/block_int.h"
 #include "crypto/secret.h"
@@ -506,11 +507,17 @@  static char *qemu_rbd_auth(QDict *options, Error **errp)
         }
 
         vals[i] = qstring_get_str(qobject_to_qstring(val));
+        if (qapi_enum_parse(RbdAuthSupport_lookup, vals[i],
+                            RBD_AUTH_SUPPORT__MAX, -1, errp) < 0) {
+            rados_str = NULL;
+            goto out;
+        }
         qdict_del(options, keybuf);
     }
     vals[i] = NULL;
 
     rados_str = i ? g_strjoinv(";", (char **)vals) : NULL;
+out:
     g_free(vals);
     return rados_str;
 }