Xen project Mailing List

[PATCH 2/2] ioctl_store: Extract path checking to its own function

From: Tu Dinh <ngoc-tu.dinh@xxxxxxxxxx>

Date: Thu, 25 Jun 2026 10:39:15 +0200

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=vates.tech header.i="@vates.tech" header.h="From:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:In-Reply-To:References:Feedback-ID"

Cc: Tu Dinh <ngoc-tu.dinh@xxxxxxxxxx>

Delivery-date: Thu, 25 Jun 2026 08:39:27 +0000

Feedback-id: default:8631fc262581453bbf619ec5b2062170:Sweego

List-id: Developer list for the Windows PV Drivers subproject <win-pv-devel.lists.xenproject.org>

xenstore.txt specifies that "The permitted character for paths set is ASCII alphanumerics and plus the four punctuation characters -/_@ (hyphen slash underscore atsign). @ should be avoided except to specify special watches." Create __IsValidPath to check for the above criteria specifically. Since the '@' character is used for special watches, it is forbidden in __IsValidPath at the moment. Signed-off-by: Tu Dinh <ngoc-tu.dinh@xxxxxxxxxx> --- src/xeniface/ioctl_store.c | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/src/xeniface/ioctl_store.c b/src/xeniface/ioctl_store.c index 2ac96af..bc27b8b 100644 --- a/src/xeniface/ioctl_store.c +++ b/src/xeniface/ioctl_store.c @@ -40,6 +40,25 @@ #define XENSTORE_ABS_PATH_MAX 3072 #define XENSTORE_REL_PATH_MAX 2048 +static FORCEINLINE +BOOLEAN +__IsValidPath( + __in PCHAR Str, + __in ULONG Len + ) +{ + for ( ; Len--; ++Str) { + if (*Str == '\0') + return TRUE; + if (*Str != '-' && + *Str != '/' && + *Str != '_' && + !isalnum((unsigned char)*Str)) + break; + } + return FALSE; +} + static FORCEINLINE BOOLEAN __IsValidStr( @@ -110,7 +129,7 @@ IoctlStoreRead( goto fail1; status = STATUS_INVALID_PARAMETER; - if (!__IsValidStr(Buffer, InLen)) + if (!__IsValidPath(Buffer, InLen)) goto fail2; status = XENBUS_STORE(Read, &Fdo->StoreInterface, NULL, NULL, Buffer, &Value); @@ -178,7 +197,7 @@ IoctlStoreWrite( goto fail1; status = STATUS_INVALID_PARAMETER; - if (!__IsValidStr(Buffer, InLen)) + if (!__IsValidPath(Buffer, InLen)) goto fail2; Length = (ULONG)strlen(Buffer) + 1; @@ -226,7 +245,7 @@ IoctlStoreDirectory( goto fail1; status = STATUS_INVALID_PARAMETER; - if (!__IsValidStr(Buffer, InLen)) + if (!__IsValidPath(Buffer, InLen)) goto fail2; status = XENBUS_STORE(Directory, &Fdo->StoreInterface, NULL, NULL, Buffer, &Value); @@ -295,7 +314,7 @@ IoctlStoreRemove( goto fail1; status = STATUS_INVALID_PARAMETER; - if (!__IsValidStr(Buffer, InLen)) + if (!__IsValidPath(Buffer, InLen)) goto fail2; status = XENBUS_STORE(Remove, &Fdo->StoreInterface, NULL, NULL, Buffer); @@ -417,7 +436,7 @@ IoctlStoreSetPermissions( Path[In->PathLength - 1] = 0; status = STATUS_INVALID_PARAMETER; - if (!__IsValidStr(Path, In->PathLength)) + if (!__IsValidPath(Path, In->PathLength)) goto fail6; Trace("> Path '%s', NumberPermissions %lu\n", Path, In->NumberPermissions); @@ -534,7 +553,7 @@ IoctlStoreAddWatch( Path[In->PathLength - 1] = 0; status = STATUS_INVALID_PARAMETER; - if (!__IsValidStr(Path, In->PathLength)) + if (!__IsValidPath(Path, In->PathLength)) goto fail4; status = STATUS_NO_MEMORY; -- 2.54.0.windows.1 -- Ngoc Tu Dinh | Vates XCP-ng Developer XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.